Perl Exploits
2,854 exploits tracked across all sources.
sscdd_suncourier.pl - RCE
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
by Fyodor
Dave Lawrence Xtux - Denial of Service
XTux allows remote attackers to cause a denial of service (CPU consumption) via random inputs in the initial connection.
by b0iler
Sun Cobalt RaQ XTR - Auth Bypass
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
by Wouter ter Maat
Tower Toppler 0.99.1 - 'Display' Local Buffer Overflow
by Knud Erik Hojgaard
Bbshareware.com Phusion Webserver - Path Traversal
Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request.
by Alex Hernandez
Bbshareware.com Phusion Webserver - Path Traversal
Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request.
by Alex Hernandez
Bbshareware.com Phusion Webserver - Buffer Overflow
Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long HTTP request.
by Alex Hernandez
Ezne.net Ezboard 2000 - Buffer Overflow
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi.
by Jin Ho You
Tarantella Enterprise <3.20 - Code Injection
Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.
by Larry Cashdollar
Citrix NFuse 1.6 - Info Disclosure
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.
by Ian Vitek
Cyberstop Web Server - Buffer Overflow
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflow.
by Alex Hernandez
Browseftp Client - Buffer Overflow
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.
by Kanatoko
Nortel Alteon ACEdirector WebOS 9.0 - Info Disclosure
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.
by Dave Plonka
Pathways Homecare 6.5 - Info Disclosure
Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.
by shoeboy
CVSS 7.8
Microsoft Windows 2000 - Denial of Service
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.
by Nelson Brito
Cooolsoft Powerftp - Buffer Overflow
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
by Alex Hernandez
Cooolsoft Powerftp - Buffer Overflow
Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.
by Alex Hernandez
Activestate Activeperl < 5.6.1.629 - Buffer Overflow
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
by Sapient2003
Ipswitch WS_FTP Server 1.0.x/2.0.x - 'STAT' Remote Buffer Overflow
by andreas
Mountain Network Systems WebCart 8.4 - Command Injection
webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.
Oracle Application Server Web Cache - Buffer Overflow
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
by andreas
AmTote International - Info Disclosure
AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers.
by Gary O'Leary-Steele
AmTote International - Info Disclosure
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.
by Gary O'Leary-Steele
EFTP 2.0.7.337 - Path Traversal
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
by byterage
By Source