Python Exploits

6,607 exploits tracked across all sources.

CVE-2023-36346 EXPLOITDB MEDIUM python
POS Codekop v2.0 - Reflected Cross-Site Scripting via nm_member Parameter
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php.
by Amirhossein Bahramizadeh
CVSS 6.1
CVE-2023-24078 EXPLOITDB HIGH python
FuguHub < 8.1 - Remote Code Execution via CMS Docs Component
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
by redfire359
CVSS 8.8
CVE-2023-36355 EXPLOITDB CRITICAL python
TP-Link TL-WR940N V4 - Buffer Overflow
TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
by Amirhossein Bahramizadeh
CVSS 9.9
CVE-2023-30198 EXPLOITDB HIGH python
winbizpayment <= 1.0.2 - Path Traversal via download.php
Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.
by Amirhossein Bahramizadeh
CVSS 7.5
CVE-2023-23408 EXPLOITDB MEDIUM python
Azure HDInsight - Cross-Site Scripting in Apache Ambari
Azure Apache Ambari Spoofing Vulnerability
by Amirhossein Bahramizadeh
CVSS 4.5
CVE-2023-53907 EXPLOITDB MEDIUM python
Bludit <3.13.1 - Authenticated File Download
Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through directory traversal.
by Antonio Cuomo
CVSS 6.5
CVE-2020-11560 EXPLOITDB HIGH python
NCH Express Invoice 7.25 - Insufficiently Protected Credentials via Configuration File
NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the configuration file.
by Tejas Pingulkar
CVSS 7.8
CVE-2022-47076 EXPLOITDB HIGH python
Smart Office Web <20.28 - Info Disclosure
An issue was discovered in Smart Office Web 20.28 and earlier that allows attackers to view sensitive information via DisplayParallelLogData.aspx.
by Tejas Pingulkar
CVSS 7.5
CVE-2023-3320 EXPLOITDB MEDIUM python
WP Sticky Social <= 1.0.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Missing Nonce Validation
The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
by Amirhossein Bahramizadeh
CVSS 6.1
CVE-2023-2779 EXPLOITDB MEDIUM python VERIFIED
Social Share, Social Login and Social Comments < 7.13.52 - Reflected Cross-Site Scripting
The Social Share, Social Login and Social Comments WordPress plugin before 7.13.52 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
by Amirhossein Bahramizadeh
CVSS 6.1
CVE-2023-27372 EXPLOITDB CRITICAL python VERIFIED
SPIP < 4.2.1 - Remote Code Execution via Form Value Deserialization
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
by nuts7
CVSS 9.8
CVE-2020-11027 EXPLOITDB MEDIUM python
WordPress <5.4.1 - Info Disclosure
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
by Amirhossein Bahramizadeh
CVSS 6.1
CVE-2023-37152 EXPLOITDB CRITICAL python VERIFIED
Online Art Gallery Project 1.0 - Unauthenticated Arbitrary File Upload via adminHome.php
Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Note: This has been disputed as not a valid vulnerability.
by Ramil Mustafayev
CVSS 9.8
CVE-2023-0297 EXPLOITDB CRITICAL python VERIFIED
pyLoad js2py Python Execution
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.
by Gabriel Lima
CVSS 9.8
CVE-2021-24499 EXPLOITDB CRITICAL python
Workreap < 2.2.2 - Unauthenticated Arbitrary File Upload via AJAX Temp File Uploader
In the Workreap WordPress theme before 2.2.2, the AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as PHP scripts.
by Mohammad Hossein Khanaki
CVSS 9.8
CVE-2023-34096 EXPLOITDB MEDIUM python
Thruk < 3.06.2 - Path Traversal via Panorama Location Parameter
Thruk is a multi-backend monitoring web interface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an attacker to upload a file to any folder which has write permissions on the affected system. The parameter location is not filtered, validated or sanitized and it accepts any kind of characters. For a path traversal attack, the only characters required were the dot (`.`) and the slash (`/`). A fix is available in version 3.06.2.
by Galoget Latorre
CVSS 6.5
CVE-2023-2068 EXPLOITDB CRITICAL python
WordPress File Manager Advanced Shortcode <2.3.2 - RCE
The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users.
by Mateus Machado Tesser
CVSS 9.8
CVE-2023-0527 EXPLOITDB LOW python VERIFIED
PHPGurukul Online Security Guards Hiring System 1.0 - Cross-Site Scripting via search-request.php searchdata Parameter
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input "><script>alert(document.domain)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219596.
by AFFAN AHMED
CVSS 3.5
CVE-2023-33440 EXPLOITDB HIGH python VERIFIED
Sourcecodester Faculty Evaluation System v1.0 - RCE
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.
by URGAN
CVSS 7.2
CVE-2023-33829 EXPLOITDB MEDIUM python
Cloudogu GmbH SCM Manager <1.60 - XSS
A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field.
by neg0x
CVSS 5.4
CVE-2023-53970 EXPLOITDB HIGH python
Screen SFT DAB 600/C Firmware 1.9.3 - Auth Bypass
Screen SFT DAB 600/C Firmware 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP-bound session identifiers. Attackers can exploit the vulnerable deviceManagement API endpoint to reset device configurations by sending crafted POST requests with manipulated session parameters.
by LiquidWorm
CVSS 7.5
CVE-2023-53969 EXPLOITDB HIGH python
Screen SFT DAB 600/C firmware <1.9.3 - Auth Bypass
Screen SFT DAB 600/C firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse the same IP address and issue unauthorized requests to the userManager API to change user passwords without proper authentication.
by LiquidWorm
CVSS 7.5
CVE-2023-53968 EXPLOITDB CRITICAL python
Screen SFT DAB 600/C Firmware 1.9.3 - Auth Bypass
Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse the same IP address and issue unauthorized requests to the userManager API to remove user accounts without proper authentication.
by LiquidWorm
CVSS 9.8
CVE-2023-53967 EXPLOITDB HIGH python
Screen SFT DAB 600/C 1.9.3 - Auth Bypass
Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password to directly modify the admin account's authentication.
by LiquidWorm
CVSS 7.5
CVE-2023-53776 EXPLOITDB HIGH python
Screen SFT DAB 1.9.3 - Authentication Bypass via Session Fixation
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.
by LiquidWorm
CVSS 8.8