Perl Exploits

2,849 exploits tracked across all sources.

EIP-2026-113468 EXPLOITDB perl VERIFIED
Woltlab Burningboard Addon Kleinanzeigenmarkt - SQL Injection
by fred777
CVE-2009-1326 EXPLOITDB perl VERIFIED
Mini-stream RM Downloader 3.0.0.9 - Stack-based Buffer Overflow via Long URI in Playlist File
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
by Vinod Sharma
EIP-2026-102928 EXPLOITDB perl VERIFIED
Mozilla Codesighs - Memory Corruption
by Jeremy Brown
CVE-2009-0689 EXPLOITDB perl
K-Meleon 1.5.3 - Heap-Based Buffer Overflow via Large Precision Value in printf Format Argument
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
by Maksymilian Arciemowicz & sp3x
CVE-2023-37734 EXPLOITDB CRITICAL perl VERIFIED
EZ softmagic MP3 Audio Converter 2.7.3.700 - Buffer Overflow
EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow.
by Vinod Sharma
CVSS 9.8
CVE-2009-20003 EXPLOITDB HIGH perl VERIFIED
Xenorate <= 2.50 - Stack-based Buffer Overflow via .xpl Playlist File
Xenorate, a Windows-based multimedia player, is vulnerable in versions up to and including 2.50 to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.
by germaya_x
CVE-2009-20004 EXPLOITDB HIGH perl VERIFIED
gAlan < 0.2.1 - Stack-based Buffer Overflow via .galan File Parsing
gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file.
by Jeremy Brown
CVE-2009-4413 EXPLOITDB perl VERIFIED
Polipo 0.9.8, 0.9.12, 1.0.4 - Denial of Service via Large Content-Length Request
The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault.
by Jeremy Brown
CVE-2009-4194 EXPLOITDB HIGH perl VERIFIED
Golden FTP Server <4.50 - Path Traversal
Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party information.
by sharpe
CVSS 8.1
CVE-2009-4216 EXPLOITDB perl VERIFIED
Klinza Professional CMS <5.0.1 - Path Traversal
Directory traversal vulnerability in funzioni/lib/menulast.php in Klinza Professional CMS 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.
by klinza
CVE-2009-4781 EXPLOITDB perl VERIFIED
TUKEVA Password Reminder <1.0.0.4 - Info Disclosure
TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for rem.accdb, which allows local users to discover credentials via a DBI connection.
by iqlusion
CVE-2009-4654 EXPLOITDB perl VERIFIED
Novell eDirectory <8.8 SP5 - Buffer Overflow
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.
by karak0rsan
CVE-2009-4186 EXPLOITDB perl VERIFIED
Safari 4.0.3 - Denial of Service via Long CSS Background URI
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property.
by Jeremy Brown
CVE-2009-3170 EXPLOITDB perl VERIFIED
AIMP2 Audio Converter < 2.53 - Stack-based Buffer Overflow via Long File1 Argument in Playlist File
Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.
by corelanc0d3r
CVE-2009-4653 EXPLOITDB perl VERIFIED
Novell eDirectory <8.8 SP5 - Buffer Overflow
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.
by HACKATTACK
EIP-2026-108723 EXPLOITDB perl VERIFIED
Joomla! Component JForJoomla! Jreservation 1.5 - 'pid' SQL Injection
by Chip d3 bi0s
EIP-2026-119320 EXPLOITDB perl VERIFIED
Xion Audio Player 1.0 121 - '.m3u' Remote Buffer Overflow (1)
by corelanc0d3r
EIP-2026-118181 EXPLOITDB perl VERIFIED
Xion Audio Player 1.0 121 - '.m3u' Local Buffer Overflow (2)
by Dragon Rider
EIP-2026-114772 EXPLOITDB perl VERIFIED
ProFTPd 1.3.0 (OpenSUSE) - 'mod_ctrls' Local Stack Overflow
by Michael Domberg
EIP-2026-107017 EXPLOITDB perl VERIFIED
EZsneezyCal CMS 95.1-95.2 - Remote File Inclusion
by kaMtiEz
CVE-2009-3694 EXPLOITDB perl VERIFIED
ezRecipe-Zee 91 - Path Traversal via cfg[prePath] Parameter
Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter.
by kaMtiEz
EIP-2026-108843 EXPLOITDB perl VERIFIED
Joomla! Component Recerca - SQL Injection
by Don Tukulesto
CVE-2009-0476 EXPLOITDB perl VERIFIED
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
by germaya_x
CVE-2009-3500 EXPLOITDB perl VERIFIED
BPowerHouse BPGames 1.0 - SQL Injection via cat_id or game_id Parameter
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.
by OoN Boy
CVE-2009-3446 EXPLOITDB perl VERIFIED
com_mytube 1.0 Beta - SQL Injection via user_id Parameter
SQL injection vulnerability in the MyRemote Video Gallery (com_mytube) component 1.0 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a videos action to index.php.
by Chip d3 bi0s