Perl Exploits
2,849 exploits tracked across all sources.
mnogosearch 3.1.20 - Remote Code Execution via Long ul Parameter
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
by inv
mnogosearch 3.1.20 - Remote Code Execution via Long ul Parameter
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
by pokleyzz
Apache HTTP Server 2.0.37-2.0.45 - Denial of Service and Possible Remote Code Execution via Long Strings in apr_psprintf
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
by Matthew Murphy
Microsoft Internet Explorer <6.0 - RCE
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
by alumni
ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow
by Julien LANTHEA
KON kon2 <0.3.9b - Remote Code Execution
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
by wsxz
Webfroot Shoutbox 2.32 - 'Expanded.php' Remote Command Execution
by _6mO_HaCk
IBM AIX 4.3.3 - Buffer Overflow in lsmcode
Buffer overflow in lsmcode in AIX 4.3.3.
by watercloud
WebCortex WebStores 2000 6.0 - SQL Injection via Search_Text Parameter
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.
by Bosen
RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun
IBM AIX 4.3.3 - Local Privilege Escalation via GNU make CC Argument Buffer Overflow
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument.
by watercloud
IBM AIX 5.1-5.2 - Local Privilege Escalation via LVM putlvcb/getlvcb Buffer Overflow
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
by watercloud
Webfroot Shoutbox 2.32 - Remote Command Execution
by pokleyzz
Webfroot Shoutbox < 2.32 (Apache) - Local File Inclusion / Remote Code Execution
by anonymous
IBM AIX - Privilege Escalation via Symlink Attack on Inventory Scout Daemon Log File
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
by watercloud
Gnome Batalla Naval 1.0.4 - Remote Code Execution via Long Connection String
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
by wsxz
Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)
by jlanthea
Prishtina FTP client <1 - DoS/Buffer Overflow
Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.
by DHGROUP
Qualcomm Eudora 4.x - Improper Link Resolution Before File Access
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
by Paul Szabo
CVSS 7.5
Maelstrom Player 3.0.x - Argument Buffer Overflow (1)
by Luca Ercoli
Maelstrom <= 3.0.6 - Buffer Overflow via Long Server Command Line Argument
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
by Luca Ercoli
cdrecord <2.0 - Privilege Escalation
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
by anonymous
Snitz Forums 2000 < 3.4.04 - Cross-Site Scripting via Email Parameter
Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter.
by anonymous
eServ 2.9x - Denial of Service via Memory Leak
Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.
by Matthew Murphy
CMailServer 4.0.2003.03 - Buffer Overflow
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
By Source