Perl Exploits

2,854 exploits tracked across all sources.

EIP-2026-117975 EXPLOITDB perl VERIFIED
Super Player 3500 - '.m3u' Local Stack Buffer Overflow
by jun
CVE-2006-6199 EXPLOITDB perl VERIFIED
Blazevideo Blaze Dvd - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by PuN1sh3r
CVE-2013-4123 EXPLOITDB perl VERIFIED
Squid - Improper Input Validation
client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.
by kingcope
CVE-2013-2028 EXPLOITDB perl
F5 Nginx < 1.4.0 - Out-of-Bounds Write
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by kingcope
CVE-2013-4786 EXPLOITDB HIGH perl VERIFIED
IPMI 2.0 - Info Disclosure
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
by Dan Farmer
CVSS 7.5
EIP-2026-114970 EXPLOITDB perl VERIFIED
Baby FTP Server 1.24 - Denial of Service (1)
by Chako
EIP-2026-101443 EXPLOITDB perl
Seowonintech Devices - Remote Command Execution
by Todor Donev
EIP-2026-115884 EXPLOITDB perl VERIFIED
MusicBee 2.0.4663 - '.m3u' Denial of Service
by Chako
CVE-2013-3684 EXPLOITDB CRITICAL perl VERIFIED
Imagely Nextgen Gallery < 1.9.13 - Unrestricted File Upload
NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload
by Marcos Garcia
CVSS 9.8
EIP-2026-101990 EXPLOITDB perl
Seowonintech Routers fw: 2.3.9 - File Disclosure
by Todor Donev
EIP-2026-109346 EXPLOITDB perl VERIFIED
Matterdaddy Market - Multiple Vulnerabilities
by KedAns-Dz
EIP-2026-116732 EXPLOITDB perl VERIFIED
Adrenalin Player 2.2.5.3 - '.m3u' Local Buffer Overflow (SEH)
by seaofglass
EIP-2026-115805 EXPLOITDB perl VERIFIED
Microsoft Windows Media Player 11.0.0 - '.wav' Crash (PoC)
by Asesino04
EIP-2026-119382 EXPLOITDB perl
Ipswitch IMail 11.01 - Cross-Site Scripting
by DaOne
CVE-2005-0575 EXPLOITDB perl VERIFIED
Stormy Studios Knet - Buffer Overflow
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
by Wireghoul
CVE-2013-0238 EXPLOITDB perl
Ircd-hybrid < 8.0.5 - Improper Input Validation
The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly validate masks, which allows remote attackers to cause a denial of service (crash) via a mask that causes a negative number to be parsed.
by kingcope
EIP-2026-115422 EXPLOITDB perl VERIFIED
IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow
by G0li47h
CVE-2013-3522 EXPLOITDB perl VERIFIED
Vbulletin - SQL Injection
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
by Orestis Kourides
EIP-2026-102030 EXPLOITDB perl
StarVedia IPCamera IC502w IC502w+ v020313 - 'Username'/Password Disclosure
by Todor Donev
EIP-2026-105619 EXPLOITDB perl VERIFIED
Brewthology 0.1 - SQL Injection
by cr4wl3r
EIP-2026-115518 EXPLOITDB perl VERIFIED
KMPlayer - Denial of Service
by Jigsaw
CVE-2013-1359 EXPLOITDB CRITICAL perl
Sonicwall Analyzer - Authentication Bypass
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account.
by Nikolas Sotiriu
CVSS 9.8
CVE-2012-5627 EXPLOITDB perl VERIFIED
Oracle Mysql < 5.5.29 - Insufficiently Protected Credentials
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
by kingcope
CVE-2012-5615 EXPLOITDB perl VERIFIED
Oracle MySQL <5.5.38 & MariaDB <5.5.28a - Info Disclosure
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
by kingcope
CVE-2012-5613 EXPLOITDB perl VERIFIED
MySQL <5.5.19 & MariaDB <5.5.28a - Privilege Escalation
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
by kingcope