Python Exploits

5,908 exploits tracked across all sources.

Sort: Activity Stars
CVE-2009-5067 EXPLOITDB python VERIFIED
Html2ps < 1.0 - Path Traversal
Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices.
by epiphant
CVE-2009-4661 EXPLOITDB python VERIFIED
BigAnt Server <2.50 SP6 - Buffer Overflow
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
by Dr_IDE
CVE-2009-3330 EXPLOITDB python VERIFIED
Cpecreator CP Creator - SQL Injection
SQL injection vulnerability in index.php in cP Creator 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action.
by Sina Yazdanmehr
CVE-2009-4661 EXPLOITDB python VERIFIED
BigAnt Server <2.50 SP6 - Buffer Overflow
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
by Dr_IDE
CVE-2009-4660 EXPLOITDB python VERIFIED
BigAnt IM Server 2.50 - Buffer Overflow
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
by hack4love
CVE-2009-4660 EXPLOITDB python VERIFIED
BigAnt IM Server 2.50 - Buffer Overflow
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
by blake
EIP-2026-117895 EXPLOITDB python VERIFIED
SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)
by mr_me
CVE-2008-5032 EXPLOITDB python VERIFIED
Videolan Vlc Media Player - Memory Corruption
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.
by Dr_IDE
CVE-2008-0016 EXPLOITDB python VERIFIED
Mozilla Firefox <2.0.0.17 - Buffer Overflow
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
by dmc
CVE-2009-3574 EXPLOITDB python VERIFIED
Tony Million Tuniac - Memory Corruption
Tuniac 090517c allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a .pls playlist file, possibly a buffer overflow.
by zAx
EIP-2026-116089 EXPLOITDB python VERIFIED
PowerISO 4.0 - Local Buffer Overflow (PoC)
by Dr_IDE
CVE-2009-3545 EXPLOITDB python VERIFIED
Datawizard Ftpxq Server - Improper Input Validation
DataWizard Technologies FtpXQ FTP Server 3.0 allows remote authenticated users to cause a denial of service (crash) via a long ABOR command.
by PLATEN
EIP-2026-118715 EXPLOITDB python VERIFIED
Kolibri+ Web Server 2 - GET Remote Overwrite (SEH)
by blake
CVE-2009-3111 EXPLOITDB python VERIFIED
Freeradius < 1.1.7 - Denial of Service
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
by Matthew Gillespie
CVE-2009-3670 EXPLOITDB python VERIFIED
Ksplayer Ksp Sound Player - Memory Corruption
Stack-based buffer overflow in KSP Sound Player 2009 R2 and R2.1 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
by hack4love
CVE-2009-5141 EXPLOITDB python VERIFIED
Jgaa Warftpd - Format String Vulnerability
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.
by corelanc0d3r
EIP-2026-115481 EXPLOITDB python VERIFIED
jetAudio 7.5.5 plus vx - '.M3U'/'.ASX'/'.WAX'/'.WVX' Local Crash (PoC)
by Dr_IDE
EIP-2026-115439 EXPLOITDB python VERIFIED
INMATRIX Zoom Player Pro 6.0.0 - '.mid' Integer Overflow (PoC)
by Dr_IDE
CVE-2009-20002 EXPLOITDB HIGH python VERIFIED
Millenium MP3 Studio <=2.0 - Buffer Overflow
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
by hack4love
CVE-2007-4566 EXPLOITDB python VERIFIED
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
by SkuLL-HackeR
CVE-2009-3364 EXPLOITDB python VERIFIED
Ftpshell - Memory Corruption
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
by His0k4
CVE-2009-3221 EXPLOITDB python VERIFIED
Basicunivers.free.fr Audio Lib Player - Memory Corruption
Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file.
by blake
CVE-2007-4566 EXPLOITDB python VERIFIED
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
by blake
CVE-2009-0927 EXPLOITDB HIGH python VERIFIED
Adobe Acrobat Reader < 7.1.1 - Improper Input Validation
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
by kralor
CVSS 8.8
CVE-2009-1643 EXPLOITDB python VERIFIED
Sorinara Soritong Mp3 Player - Memory Corruption
Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file.
by hack4love
By Source
All 5,908 Writeup 57,446 Exploitdb 49,983 Nomisec 21,423 Metasploit 3,217 Github 2,519 Vulncheck_xdb 901 Inthewild 514 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,908 ruby 5,906 c 3,561 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24