Python Exploits

6,688 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116560 EXPLOITDB python VERIFIED
WinRadius 2.11 - Denial of Service
by npn
EIP-2026-116208 EXPLOITDB python VERIFIED
Sami FTP Server 2.0.1 - RETR Denial of Service
by Chako
CVE-2003-0001 EXPLOITDB python
FreeBSD - Information Exposure via Ethernet NIC Frame Padding
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
by prdelka
CVE-2008-1610 EXPLOITDB python VERIFIED
TallSoft Quick TFTP Server Pro 2.1 - Buffer Overflow
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long mode field in a read or write request.
by npn
EIP-2026-116057 EXPLOITDB python VERIFIED
PEStudio 3.69 - Denial of Service
by Debasish Mandal
EIP-2026-103108 EXPLOITDB python
Exim - 'sender_address' Remote Code Execution
by eKKiM
EIP-2026-110580 EXPLOITDB python VERIFIED
PHD Help Desk 2.12 - SQL Injection
by drone
CVE-2013-2765 EXPLOITDB python
ModSecurity < 2.7.4 - Denial of Service via Crafted Content-Type Header
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
by Younes JAAIDI
EIP-2026-118697 EXPLOITDB python VERIFIED
Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)
by xis_one
EIP-2026-104569 EXPLOITDB python
CodeBlocks 12.11 (OSX) - Crash (PoC)
by ariarat
EIP-2026-103441 EXPLOITDB python VERIFIED
Code::Blocks - Denial of Service
by ariarat
EIP-2026-102130 EXPLOITDB python
YeaLink IP Phone Firmware 9.70.0.100 - Phone Call
by b0rh
EIP-2026-102078 EXPLOITDB python
TP-Link WR842ND - Remote Multiple SSID Directory Traversals
by Adam Simuntis
EIP-2026-105331 EXPLOITDB python
AVE.CMS 2.09 - 'index.php?module' Blind SQL Injection
by mr.pr0n
EIP-2026-101778 EXPLOITDB python
HP LaserJet Pro P1606dn - Webadmin Password Reset
by m3tamantra
CVE-2013-10033 EXPLOITDB CRITICAL python
Kimai 0.9.2.x - Unauthenticated SQL Injection via db_restore.php dates[] Parameter
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates[] POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to remote code execution by writing a PHP payload to the web-accessible temporary directory. The vulnerability has been confirmed in versions including 0.9.2.beta, 0.9.2.1294.beta, and 0.9.2.1306-3.
by drone
EIP-2026-117726 EXPLOITDB python VERIFIED
Ophcrack 3.5.0 - Code Execution Local Buffer Overflow
by xis_one
CVE-2013-2028 EXPLOITDB python
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by Mert SARICA
CVE-2013-0145 EXPLOITDB python VERIFIED
Serva32 2.1.0 - Buffer Overflow via TFTP Read Request
Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in a read request.
by Sapling
EIP-2026-115841 EXPLOITDB python VERIFIED
MiniWeb HTTP Server 300 - Crash (PoC)
by dmnt
EIP-2026-102935 EXPLOITDB python
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
by Alberto Ortega
EIP-2026-115536 EXPLOITDB python VERIFIED
Lan Messenger - sending PM 'UNICODE' Overwrite Buffer Overflow (SEH)
by ariarat
CVE-2012-6081 EXPLOITDB python VERIFIED
MoinMoin < 1.9.6 - Authenticated Remote Code Execution via File Upload
Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as exploited in the wild in July 2012.
by HTP
CVE-2012-6495 EXPLOITDB python VERIFIED
MoinMoin < 1.9.6 - Authenticated Path Traversal and Arbitrary File Write via Twikidraw and Anywikidraw Actions
Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.
by HTP
CVE-2013-3336 EXPLOITDB python
Adobe ColdFusion <10 - Info Disclosure
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors.
by HTP