Perl Exploits

2,849 exploits tracked across all sources.

CVE-2009-4659 EXPLOITDB perl VERIFIED
MP3-Cutter Ease Audio Cutter <1.20 - DoS
Unspecified vulnerability in MP3-Cutter Ease Audio Cutter 1.20 allows user-assisted remote attackers to cause a denial of service (application crash) via a long string in a WAV file.
by zAx
CVE-2009-3316 EXPLOITDB perl VERIFIED
JReservation 1.0 and 1.5 - SQL Injection via pid Parameter
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
by Chip d3 bi0s
EIP-2026-108399 EXPLOITDB perl VERIFIED
Joomla! Component com_jlord_rss - 'id' Blind SQL Injection
by Chip d3 bi0s
CVE-2009-3449 EXPLOITDB perl VERIFIED
MP3 Collector 2.3 - Denial of Service via Long URL in M3U Playlist File
MP3 Collector 2.3 allows remote attackers to cause a denial of service (application crash) via a long URL in a .m3u playlist file.
by zAx
CVE-2009-4656 EXPLOITDB perl VERIFIED
E-Soft DJ Studio Pro <5.1.4.3.1 - Buffer Overflow
Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls) containing a long string. NOTE: some of these details are obtained from third party information.
by prodigy
EIP-2026-119208 EXPLOITDB perl VERIFIED
Techlogica HTTP Server 1.03 - Arbitrary File Disclosure
by ThE g0bL!N
CVE-2009-4107 EXPLOITDB perl VERIFIED
Invisible Browsing 5.0.52 - Buffer Overflow via Crafted .ibkey File
Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
by PLATEN
CVE-2009-3663 EXPLOITDB perl VERIFIED
httpdx Web Server 1.4 - Remote Code Execution via Host Header Format String Specifiers
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.
by Pankaj Kohli
CVE-2009-3336 EXPLOITDB perl VERIFIED
PHP Pro Bid - SQL Injection via auction_id Parameter
SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter.
by NoGe
CVE-2009-1071 EXPLOITDB perl VERIFIED
Icarus 2.0 - Stack-based Buffer Overflow via Crafted PGN File
Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file.
by germaya_x
CVE-2009-3272 EXPLOITDB perl VERIFIED
Apple Safari - Denial of Service via JavaScript eval on Long String
Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.
by Jeremy Brown
EIP-2026-117365 EXPLOITDB perl VERIFIED
jetAudio 7.1.9.4030 plus - vx(asx/wax/wvx) Universal Local Buffer Overflow (SEH)
by hack4love
CVE-2009-3201 EXPLOITDB perl VERIFIED
Media Player Classic 6.4.9 - Denial of Service via Malformed MIDI File Header
Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940.
by PLATEN
CVE-2009-4775 EXPLOITDB perl VERIFIED
Ipswitch WS_FTP Professional 12 - Denial of Service via HTTP Response Status Code Format String
Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.
by Jeremy Brown
CVE-2009-4628 EXPLOITDB perl VERIFIED
Joomla! com_tpdugg 1.1 - SQL Injection
SQL injection vulnerability in the TemplatePlaza.com TPDugg (com_tpdugg) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tags action to index.php.
by NoGe
CVE-2009-4106 EXPLOITDB perl VERIFIED
Agoko CMS < 0.4 - Unauthenticated Arbitrary File Upload via admintools/editpage-2.php
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and earlier allows remote attackers to inject and execute arbitrary PHP code via the filename and text parameters.
by StAkeR
CVE-2007-4734 EXPLOITDB perl VERIFIED
OTSTurntables 1.00 - Buffer Overflow via Long File Path in M3U File
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
by hack4love
EIP-2026-117894 EXPLOITDB perl VERIFIED
SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow (SEH)
by PLATEN
EIP-2026-117263 EXPLOITDB perl VERIFIED
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (2)
by hack4love
CVE-2009-3023 EXPLOITDB perl VERIFIED
Microsoft Internet Information Server 5.0-6.0 - Authenticated Remote Code Execution via FTP NLST Command Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by muts
EIP-2026-117262 EXPLOITDB perl VERIFIED
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (1)
by ThE g0bL!N
EIP-2026-115946 EXPLOITDB perl VERIFIED
Nokia MultiMedia Player 1.1 - Remote Denial of Service
by opt!x hacker
EIP-2026-115169 EXPLOITDB perl VERIFIED
dTunes 2.72 - Filename Processing Local Format String (PoC)
by TheLeader
CVE-2009-3023 EXPLOITDB perl VERIFIED
Microsoft Internet Information Server 5.0-6.0 - Authenticated Remote Code Execution via FTP NLST Command Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by kingcope
CVE-2009-3254 EXPLOITDB perl VERIFIED
Ultimate Player 1.56 beta - Remote Code Execution via Long String in Playlist File
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.
by hack4love