Perl Exploits
2,854 exploits tracked across all sources.
Haudenschilt Family Connections CMS <1.9 - SQL Injection
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid parameter to gallery/index.php, and the (4) fcms_login_id cookie parameter.
by YEnH4ckEr
Mini-stream Castripper - Memory Corruption
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long URL in the [playlist] section in a .pls file, a different vector than CVE-2009-1667.
by zAx
Mini-stream Castripper - Memory Corruption
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137.
by Stack
Mini-stream Castripper - Memory Corruption
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137.
by [0]x80->[H]4x²0r
Bigace Cms - SQL Injection
SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
by YEnH4ckEr
Anoldman Utopic - SQL Injection
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php.
by YEnH4ckEr
Urusoft Viplay3 - Memory Corruption
Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file entry in a .vpl file.
by LiquidWorm
RTWebalbum 1.0.462 - SQL Injection
SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter.
by YEnH4ckEr
Sorinara Soritong Mp3 Player - Memory Corruption
Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file.
by Stack
Sorinara Streaming Audio Player - Memory Corruption
Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file.
by Hakxer
Mini-stream RM Downloader - Memory Corruption
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.
by G4N0K
Mini-stream Easy Rm-mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
by G4N0K
Mini-stream Easy Rm-mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
by G4N0K
Mini-stream Ripper - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
by G4N0K
Mini-stream Ripper - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
by G4N0K
Mini-stream TO Mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
by G4N0K
Mini-stream TO Mp3 Converter - Memory Corruption
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
by G4N0K
Shemes Grabit < 1.7.2 - Memory Corruption
Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file.
by Jeremy Brown
Sorinara Streaming Audio Player - Memory Corruption
Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file.
by GoLd_M
webSPELL <4.2.0e - Path Traversal
Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. (dot dot) in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php.
by DNX
Electrasoft 32bit FTP - Memory Corruption
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368.
by Load 99%
Sorinara SAP 0.9 - RCE
Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file.
by Stack
Shemes Grabit < 1.7.2 - Memory Corruption
Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file.
by Gaurav Baruah
By Source