Perl Exploits
2,849 exploits tracked across all sources.
CMailServer 4.0.2003.03 - Buffer Overflow
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
Snitz Forums 2000 - 'register.asp' SQL Injection
by sharpiemarker
LTris 1.0.1 - Local Buffer Overflow via HOME Environment Variable
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable.
by Knud Erik Hojgaard
ListProc 8.2.09 - Buffer Overflow via Long ULISTPROC_UMASK Value
Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.
by kf
Happycgi.com Happymall 4.3 and 4.4 - Remote Command Execution via File Parameter in normal_html.cgi or member_html.cgi
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
by Revin Aldi
Happycgi.com Happymall 4.3 and 4.4 - Remote Command Execution via File Parameter in normal_html.cgi or member_html.cgi
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
by Revin Aldi
Floosietek FTGate Pro Mail Server <1.22 - RCE
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
Floosietek FTGate Pro Mail Server <1.22 - RCE
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
youbin - Local Privilege Escalation via HOME Environment Variable
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.
by Knud Erik Hojgaard
CommuniGate Pro 3.1-4.0.6 - Session Hijacking via Referer Field Exposure
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
by Yaroslav Polyakov
IkonBoard <= 3.1.2a - Remote Code Execution via Lang Cookie Injection
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement.
by snooq
Stockman Shopping Cart 7.8 - Arbitrary Command Execution
by Aleksey Sintsov
Opera Browser 6.05-7.10 - Heap-Based Buffer Overflow via Long Filename Extension
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
by imagine & nesumin
3d-ftp 4.0 - Buffer Overflow via Long FTP Banner
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
by Over_G
album.pl < 6.1 - Remote Command Execution via Alternative Configuration File
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.
Options Parsing Tool <3.18 - Buffer Overflow
Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi.
by jlanthea
Microsoft IE - Buffer Overflow
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.
by Jouko Pynnonen
SAP Database 7.3.0.29 - Privilege Escalation
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
by Larry W. Cashdollar
IBM AIX 4.3.3 - Local Buffer Overflow in errpt
Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.
by watercloud
IkonBoard <= 3.1.2a - Remote Code Execution via Lang Cookie Injection
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement.
by Nick Cleaton
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
by H D Moore
By Source