Perl Exploits
2,849 exploits tracked across all sources.
TomatoSoft Free Mp3 Player 1.0 - Denial of Service via Long String in MP3 File
TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a denial of service (application crash) via a long string in an MP3 file, possibly a buffer overflow.
by JaMbA
mPDF < 5.3 - Path Traversal via Filename Parameter
Directory traversal vulnerability in examples/show_code.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
by ZadYree
zFTPServer Suite 6.0.0.52 - Authenticated Path Traversal via RMD Command
Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.
by Stefan Schurtz
D-Link DNS-320 ShareCenter - Remote Reboot/Shutdown/Reset (Denial of Service)
by rigan
Bugbear Entertainment FlatOut 2005 - Buffer Overflow via BED File Title Field
Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field in a bed file.
by Silent_Dream
PHP-Nuke <8.1.0.3.5b - SQL Injection
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
by Dante90
Soda PDF Professional 1.2.155 - '.pdf' / '.WWF' File Handling Denial of Service
by LiquidWorm
COMTREND CT-5624 Router - Root/Support Password Disclosure/Change
by Todor Donev
OpenPAM <r478 - Privilege Escalation
Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.
by IKCE
DreamBox DM800 Firmware < 1.6 - Path Traversal via File Parameter
Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter.
by Todor Donev
BlueZone Desktop - Multiple Malformed Files Local Denial of Service Vulnerabilities
by Silent_Dream
BlueZone - '.zft' File Local Denial of Service
by Iolo Morganwg
BlueZone Desktop - '.zap' file Local Denial of Service
by Silent_Dream
Ashampoo Burning Studio Elements 10.0.9 - '.ashprj' Heap Overflow
by LiquidWorm
JBoss JMX Console Deployer Upload and Execute
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
by y0ug
CVSS 5.3
Polipo < 1.0.4.1 - Denial of Service via HTTP POST/PUT Request
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.
by Usman Saeed
CVSS 7.5
San Andreas Multiplayer 0.3.1.1 - Stack-based Buffer Overflow via Malformed server.cfg Echo Directive
GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.
by Silent_Dream
Muse Music All-in-One 1.5.0.001 - '.pls' Local Buffer Overflow (DEP Bypass)
by C4SS!0 G0M3S
KnFTP 1.0.0 - Remote Code Execution via Multiple Stack-Based Buffer Overflows
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
by mr.pr0n
World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service
by BSOD Digital
TOWeb 3.0 - Local Format String Denial of Service 'TOWeb.MO' File Corruption
by BSOD Digital
MapServer < 6.0.1 - Use-After-Free in msAddImageSymbol
Double free vulnerability in the msAddImageSymbol function in mapsymbol.c in MapServer before 6.0.1 might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact via crafted mapfile data.
by rouault
Mini-stream Ripper 2.9.7.273 - '.m3u' Universal Buffer Overflow
by D3r K0n!G
By Source