Perl Exploits
2,854 exploits tracked across all sources.
Simple PHP Blog <0.5.1 - Path Traversal
Directory traversal vulnerability in languages_cgi.php in Simple PHP Blog 0.5.1 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the blog_language1 parameter.
by jgaliana
PlayMeNow - '.M3U' Playlist Buffer Overflow (SEH)
by ThE g0bL!N
Woltlab Burningboard Addon Kleinanzeigenmarkt - SQL Injection
by fred777
Mini-stream RM Downloader - Memory Corruption
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
by Vinod Sharma
Array index error - DoS
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
by Maksymilian Arciemowicz & sp3x
Ezsoftmagic Mp3 Audio Converter - Buffer Overflow
EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow.
by Vinod Sharma
CVSS 9.8
Xenorate <2.50 - Buffer Overflow
Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.
by germaya_x
gAlan 0.2.1 - Buffer Overflow
gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file.
by Jeremy Brown
Polipo <1.0.4 - DoS
The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault.
by Jeremy Brown
Golden FTP Server <4.50 - Path Traversal
Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party information.
by sharpe
CVSS 8.1
Klinza Professional CMS <5.0.1 - Path Traversal
Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.
by klinza
TUKEVA Password Reminder <1.0.0.4 - Info Disclosure
TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for rem.accdb, which allows local users to discover credentials via a DBI connection.
by iqlusion
Novell eDirectory <8.8 SP5 - Buffer Overflow
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.
by karak0rsan
Apple Safari 4.0.3 - DoS
Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property.
by Jeremy Brown
Aimp2 Audio Converter < 2.53 - Memory Corruption
Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.
by corelanc0d3r
Novell eDirectory <8.8 SP5 - Buffer Overflow
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.
by HACKATTACK
Joomla! Component JForJoomla! Jreservation 1.5 - 'pid' SQL Injection
by Chip d3 bi0s
Xion Audio Player 1.0 121 - '.m3u' Remote Buffer Overflow (1)
by corelanc0d3r
Xion Audio Player 1.0 121 - '.m3u' Local Buffer Overflow (2)
by Dragon Rider
ProFTPd 1.3.0 (OpenSUSE) - 'mod_ctrls' Local Stack Overflow
by Michael Domberg
EZsneezyCal CMS 95.1-95.2 - Remote File Inclusion
by kaMtiEz
Jdtmmsm Ezrecipe-zee - Path Traversal
Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter.
by kaMtiEz
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
by germaya_x
By Source