Exploitdb Exploits

2,809 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-0740 EXPLOITDB perl VERIFIED
slrn - Local Privilege Escalation via Long -d Argument
Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument.
by zillion
CVE-2002-0741 EXPLOITDB perl VERIFIED
psyBNC 2.3 - Denial of Service via Long PASS Command
psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC.
by DVDMAN
CVE-2002-0552 EXPLOITDB perl VERIFIED
Melange Chat server 2.02 - Buffer Overflow via Long Argument or Configuration Line
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks.
by DVDMAN
CVE-2002-0486 EXPLOITDB perl VERIFIED
Intellisol Xpede 4.1 - Info Disclosure
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges.
by c3rb3r
CVE-2002-0061 EXPLOITDB perl VERIFIED
Apache HTTP Server < 1.3.24 - Remote Code Execution via Shell Metacharacter Injection
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
by SPAX
CVE-2002-0436 EXPLOITDB perl VERIFIED
Sun Sunsolve CD sscd_suncourier.pl - CGI Command Execution
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
by Fyodor
CVE-2002-0431 EXPLOITDB perl VERIFIED
XTux - Denial of Service via Random Initial Connection Inputs
XTux allows remote attackers to cause a denial of service (CPU consumption) via random inputs in the initial connection.
by b0iler
CVE-2002-0430 EXPLOITDB perl VERIFIED
Sun Cobalt RaQ XTR - Unauthenticated Arbitrary File Write via Symlink Attack on Temporary File
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
by Wouter ter Maat
EIP-2026-114773 EXPLOITDB perl VERIFIED
Tower Toppler 0.99.1 - 'Display' Local Buffer Overflow
by Knud Erik Hojgaard
EIP-2026-103804 EXPLOITDB perl VERIFIED
Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation
by Simon Cozens
CVE-2002-0288 EXPLOITDB perl VERIFIED
Phusion Web Server 1.0 - Directory Traversal via Triple Dot Sequence
Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request.
by Alex Hernandez
CVE-2002-0288 EXPLOITDB perl VERIFIED
Phusion Web Server 1.0 - Directory Traversal via Triple Dot Sequence
Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request.
by Alex Hernandez
CVE-2002-0289 EXPLOITDB perl VERIFIED
Phusion Web Server 1.0 - Buffer Overflow via Long HTTP Request
Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long HTTP request.
by Alex Hernandez
CVE-2002-0263 EXPLOITDB perl VERIFIED
EasyBoard 2000 1.27 - Remote Code Execution via Long Boundary Value in Multipart Content-Type Header
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi.
by Jin Ho You
CVE-2002-0211 EXPLOITDB perl VERIFIED
Tarantella Enterprise <3.20 - Code Injection
Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.
by Larry Cashdollar
CVE-2002-0502 EXPLOITDB perl VERIFIED
Citrix NFuse 1.6 - Unauthenticated Application Listing via applist.asp
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.
by Ian Vitek
CVE-2002-0201 EXPLOITDB perl VERIFIED
Cyberstop Web Server 0.1 - Denial of Service via Long HTTP GET Request
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflow.
by Alex Hernandez
CVE-2002-2026 EXPLOITDB perl VERIFIED
BrowseFTP Client 1.62 - Remote Code Execution via Long FTP 220 Message Reply
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.
by Kanatoko
CVE-2002-0209 EXPLOITDB perl VERIFIED
Nortel Alteon ACEdirector WebOS 9.0 - Info Disclosure
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.
by Dave Plonka
CVE-2001-1546 EXPLOITDB HIGH perl VERIFIED
Pathways Homecare 6.5 - Info Disclosure
Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.
by shoeboy
CVSS 7.8
CVE-2001-0951 EXPLOITDB perl VERIFIED
Windows 2000 - Denial of Service via IKE UDP Port Flood
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.
by Nelson Brito
CVE-2001-0932 EXPLOITDB perl VERIFIED
Cooolsoft PowerFTP Server 2.03 - Buffer Overflow via Long Command
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
by Alex Hernandez
CVE-2001-0932 EXPLOITDB perl VERIFIED
Cooolsoft PowerFTP Server 2.03 - Buffer Overflow via Long Command
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
by Alex Hernandez
CVE-2001-0815 EXPLOITDB perl VERIFIED
ActivePerl < 5.6.1.629 - Remote Code Execution via Long Filename HTTP Request
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
by Sapient2003
EIP-2026-118700 EXPLOITDB perl VERIFIED
Ipswitch WS_FTP Server 1.0.x/2.0.x - 'STAT' Remote Buffer Overflow
by andreas
By Source
All 2,809 Writeup 62,507 Exploitdb 50,076 Nomisec 22,463 Github 3,681 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,602 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25