Perl Exploits
2,849 exploits tracked across all sources.
TriceraSoft Swift Ultralite 1.032 - Stack-Based Buffer Overflow via Long String in M3U Playlist File
Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.
by hack4love
SolarWinds TFTP Server <= 9.2.0.111 - Denial of Service via Crafted OACK Request
SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.
by Gaurav Baruah
Photodex ProShow Gold 4.0.2549 - Stack-Based Buffer Overflow via Crafted Slideshow Project File
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by hack4love
Media Jukebox 8 - '.m3u' Universal Local Buffer (SEH)
by hack4love
telepark.wiki <2.4.23 - Auth Bypass
telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php.
by corelanc0d3r
telepark.wiki <2.4.23 - Path Traversal
Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php.
by corelanc0d3r
Photodex ProShow Gold 4.0.2549 - Stack-Based Buffer Overflow via Crafted Slideshow Project File
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
by corelanc0d3r
KSP 2006 FINAL - Stack-Based Buffer Overflow via M3U Playlist File
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
by hack4love
Fat Player 0.6b - Remote Code Execution via Long String in WAV File
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.
by ahwak2000
FLIP Flash Album Deluxe 1.8.407.1 - '.fft' Crash (PoC)
by the_Edit0r
Faslo Player 7.0 - Stack-Based Buffer Overflow via Long String in M3U Playlist File
Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file.
by hack4love
AiO (All into One) Flash Mixer 3 - '.afp' Crash (PoC)
by the_Edit0r
ITechBids 8.0 - SQL Injection via User ID, Category ID, News ID, or Product ID Parameter
Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php, (2) cate_id parameter to category.php, (3) id parameter to news.php, and (4) productid parameter to itechd.php. NOTE: the sellers_othersitem.php, classifieds.php, and shop.php vectors are already covered by CVE-2008-3238.
by Mr.SQL
Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer (SEH)
by hack4love
Playlistmaker 1.51 - '.m3u' Local Buffer Overflow (SEH)
by blake
KOL Player 1.0 - Stack-Based Buffer Overflow via Long URL in MP3 Playlist
Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file.
by Evil.Man
broid 1.0 Beta 3a - Stack-Based Buffer Overflow via MP3 File Processing
Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file.
by hack4love
AJ Auction Pro OOPD 2.x - SQL Injection via store.php id Parameter
SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
by NoGe
Programmed Integration PIPL 2.5.0 and 2.5.0D - Remote Code Execution via Long String in Playlist File
Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file.
by hack4love
Easy Music Player 1.0.0.2 - Remote Code Execution via Crafted WAV File
Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.
by hack4love
Easy Music Player 1.0.0.2 - Remote Code Execution via Crafted WAV File
Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.
by ThE g0bL!N
Easy Music Player 1.0.0.2 - Remote Code Execution via Crafted WAV File
Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.
by ahwak2000
By Source