Python Exploits
6,606 exploits tracked across all sources.
request-baskets < 1.2.1 - Server-Side Request Forgery via /api/baskets/{name} Endpoint
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
by dugisan3rd
CVSS 6.5
TeamCity < 2023.11.4 - Authentication Bypass
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
by Stuub
Apache HTTP Server < 2.4.62 - Server-Side Request Forgery via mod_rewrite on Windows
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.
Users are recommended to upgrade to version 2.4.62 which fixes this issue.
by TAM-K592
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by Ap0dexMe0
WordPress Automatic Plugin <= 3.92.0 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
by Ap0dexMe0
Sharp and Toshiba Tec MFPs - Unprotected Sensitive Data Exposure via World-Readable Coredump Files
Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
by Stuub
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device.
by Pommaq
Zyxel NAS326 <V5.21(AAZF.17)C0 - Privilege Escalation
** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the SUID executable binary in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an authenticated local attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device.
by Pommaq
Zyxel NAS326 <V5.21(AAZF.17)C0 - RCE
** UNSUPPORTED WHEN ASSIGNED **
The remote code execution vulnerability in the CGI program “file_upload-cgi” in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute arbitrary code by uploading a crafted configuration file to a vulnerable device.
by Pommaq
Zyxel NAS326 <V5.21(AAZF.17)C0 - Command Injection
** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
by Pommaq
Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
by Jerry Thomas
SolarWinds Platform < 2024.2 - Race Condition in Web Console
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
by Elhussain Fathy
CVSS 6.4
Windows Wi-Fi Driver - Remote Code Execution
Windows Wi-Fi Driver Remote Code Execution Vulnerability
by 52by
PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
by Yesith Alvarez
react-pdf <7.7.3 and 8.0.0-8.0.2 - PDF.js JavaScript Execution
react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in 7.7.3 and 8.0.2.
by LOURC0D3
Progress Telerik Report Server < 10.0.24.130 - Remote Code Execution via Insecure Deserialization
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
by sinsinology
Internet Information Services 6.0 - Remote Code Execution via WebDAV PROPFIND Request
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
by BasyacatX
Malicious Git HTTP Server For CVE-2017-1000117
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability.
by BasyacatX
WBCE CMS 1.6.2 - Authenticated Remote Code Execution via Elfinder File Upload
WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the Elfinder file manager. Attackers can exploit the file upload functionality in the elfinder connector to upload a web shell and execute arbitrary system commands through a user-controlled parameter.
by Ahmet Ümit BAYRAM
CVSS 8.8
Serendipity 2.5.0 - Authenticated Remote Code Execution via Media Upload
Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables arbitrary system command execution on the web server.
by Ahmet Ümit BAYRAM
CVSS 7.2
Dotclear 2.29 - Authenticated Remote Code Execution via Media Upload
Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through the uploaded file.
by Ahmet Ümit BAYRAM
CVSS 8.8
appRain CMF 4.0.5 - Authenticated Remote Code Execution via Filemanager Upload
appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.
by Ahmet Ümit BAYRAM
CVSS 8.8
Monstra CMS 3.0.4 - Remote Code Execution (RCE)
by Ahmet Ümit BAYRAM
Aquatronica Controller System <= 5.1.6 - Information Disclosure
An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. The tcp.php endpoint fails to restrict unauthenticated access, allowing remote attackers to issue crafted POST requests and retrieve sensitive configuration data, including plaintext administrative credentials. Exploitation of this flaw can lead to full compromise of the system, enabling unauthorized manipulation of connected devices and aquarium parameters.
by LiquidWorm
changedetection < 0.45.20 - Remote Code Execution (RCE)
by Zach Crosman (zcrosman)
By Source