Perl Exploits
2,854 exploits tracked across all sources.
Maelstrom <3.0.6-3.0.5 - RCE
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
by Luca Ercoli
cdrecord <2.0 - Privilege Escalation
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
by anonymous
Snitz Communications Snitz Forums 2000 < 3.4.04 - XSS
Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter.
by anonymous
eServ <2.9x - DoS
Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.
by Matthew Murphy
CMailServer 4.0.2003.03 - Buffer Overflow
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
CMailServer 4.0.2003.03 - Buffer Overflow
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
Snitz Forums 2000 - 'register.asp' SQL Injection
by sharpiemarker
Lgames Ltris - Memory Corruption
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable.
by Knud Erik Hojgaard
catmail <8.2.09 - RCE
Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.
by kf
Happycgi.com Happymall <4.4 - RCE
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
by Revin Aldi
Happycgi.com Happymall <4.4 - RCE
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
by Revin Aldi
Floosietek FTGate Pro Mail Server <1.22 - RCE
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
Floosietek FTGate Pro Mail Server <1.22 - RCE
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
youbin - Buffer Overflow
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.
by Knud Erik Hojgaard
Stalker Communigate Pro - Information Disclosure
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
by Yaroslav Polyakov
IkonBoard <3.1.2a - RCE
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement.
by snooq
Stockman Shopping Cart 7.8 - Arbitrary Command Execution
by Aleksey Sintsov
Opera Browser < 7.10 - Out-of-Bounds Write
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
by imagine & nesumin
3d-ftp - Memory Corruption
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
by Over_G
Mike Bobbitt Album.pl < 6.1 - Improper Input Validation
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.
Options Parsing Tool <3.18 - Buffer Overflow
Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi.
by jlanthea
Microsoft IE - Buffer Overflow
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.
by Jouko Pynnonen
SAP Database 7.3.0.29 - Privilege Escalation
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
by Larry W. Cashdollar
By Source