Python Exploits
6,700 exploits tracked across all sources.
osCommerce Visitor Web Stats AddOn - 'Accept-Language' Header SQL Injection
by Christopher Schramm
VideoLAN VLC Media Player 1.0.6 - '.avi' Media File Crash (PoC)
by Dr_IDE
Home FTP Server 1.10.2.143 - Directory Traversal
by John Leitch
Webby Webserver 1.01 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request.
by m-1-k-3
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Denial of Service
by Dr_IDE
com_qpersonel < 1.0.2 - SQL Injection via katid Parameter
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
by Valentin Hoebel
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Remote Denial of Service
by Ma3sTr0-Dz
Entry Level Content Management System (EL CMS) - SQL Injection
by vir0e5
Typsoft FTP Server < 1.11 - Denial of Service via Multiple RETR Commands
Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.
by Jeremiah Talamantes
SmallFTPd 1.0.3 - 'DELE' Denial of Service
by Jeremiah Talamantes
Windows Vista and Server 2008 - Remote Code Execution via SMBv2 Negotiate Protocol Request
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
by Jelmer de Hen
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC)
by Oleksiuk Dmitry_ eSage Lab
BaoFeng Storm - '.m3u' File Processing Buffer Overflow
by Lufeng Li & Qingshan Li
TFTPUtil GUI 1.4.5 - Buffer Overflow via Long Transport Mode
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
by Jeremiah Talamantes
RealVNC 4.1.3 - 'ClientCutText' Message Remote Denial of Service
by John Leitch
Bigant Messenger 2.52 - 'AntCore.dll RegisterCom()' Remote Heap Overflow
by mr_me
avast! 4.8-5.0.418.0 - Local Privilege Escalation
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
by ryujin
IDEAL Migration 2009 4.5.1 - Local Buffer Overflow
by Dr_IDE
IDEAL Administration 2010 10.2 - Local Buffer Overflow
by Dr_IDE
ZipGenius 6.3.1.2552 - Stack-Based Buffer Overflow via Long Filename in ZIP Entry
Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename.
by corelanc0d3r
By Source