Perl Exploits
2,854 exploits tracked across all sources.
phpBB <2.0.5 - SQL Injection
SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter.
by Rick Patel
PostgreSQL <1.2.9rc1 - SQL Injection
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
by Spaine
Mailtraq 2.1.0.1302 - User Password Encoding
by Noam Rathaus
mnoGoSearch <3.2.10 - RCE
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
by pokleyzz
Mandrake Linux 8.2 - '/usr/mail' Local Overflow
by anonymous
mnoGoSearch 3.1.20 - RCE
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
by inv
mnoGoSearch 3.1.20 - RCE
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
by pokleyzz
Apache APR <2.0.46 - RCE/DoS
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
by Matthew Murphy
Microsoft Internet Explorer <6.0 - RCE
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
by alumni
ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow
by Julien LANTHEA
KON kon2 <0.3.9b - RCE
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
by wsxz
Webfroot Shoutbox 2.32 - 'Expanded.php' Remote Command Execution
by _6mO_HaCk
IBM Aix - Buffer Overflow
Buffer overflow in lsmcode in AIX 4.3.3.
by watercloud
Webcortex Webstores 2000 - SQL Injection
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.
by Bosen
RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun
GNU make <4.3.3 - Buffer Overflow
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument.
by watercloud
LVM for AIX <5.3 - Buffer Overflow
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
by watercloud
Webfroot Shoutbox 2.32 - Remote Command Execution
by pokleyzz
Webfroot Shoutbox < 2.32 (Apache) - Local File Inclusion / Remote Code Execution
by anonymous
IBM Aix - Race Condition
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
by watercloud
Gnome Batalla Naval 1.0.4 - RCE
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
by wsxz
Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)
by jlanthea
Prishtina FTP client <1 - DoS/Buffer Overflow
Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.
by DHGROUP
Qualcomm Eudora - Symlink Following
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
by Paul Szabo
CVSS 7.5
Maelstrom Player 3.0.x - Argument Buffer Overflow (1)
by Luca Ercoli
By Source