Perl Exploits

2,849 exploits tracked across all sources.

EIP-2026-117784 EXPLOITDB perl VERIFIED
POP Peeper 3.4.0.0 - '.html' Universal Overwrite (SEH)
by Stack
EIP-2026-117783 EXPLOITDB perl VERIFIED
POP Peeper 3.4.0.0 - '.eml' Universal Overwrite (SEH)
by Stack
CVE-2009-1063 EXPLOITDB perl VERIFIED
eXeScope 6.50 - Buffer Overflow via Crafted Executable File
Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file.
by Koshi
CVE-2009-2310 EXPLOITDB perl VERIFIED
Extensible-BioLawCom CMS <0.2.0 - SQL Injection
SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.
by dun
CVE-2009-2311 EXPLOITDB perl VERIFIED
rGallery plugin 1.2.3 for WoltLab Burning Board - SQL Injection via userID Parameter
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
by Invisibility
EIP-2026-112540 EXPLOITDB perl VERIFIED
Syzygy CMS 0.3 - Local File Inclusion / SQL Injection
by Osirys
CVE-2009-2309 EXPLOITDB perl VERIFIED
Codice CMS 2 - SQL Injection via Tag Parameter
SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter.
by darkjoker
EIP-2026-116950 EXPLOITDB perl VERIFIED
Chasys Media Player - '.lst Playlist' Local Buffer Overflow
by zAx
CVE-2009-20007 EXPLOITDB CRITICAL perl VERIFIED
Talkative IRC v0.4.4.16 - Buffer Overflow
Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication.
by LiquidWorm
CVE-2009-1031 EXPLOITDB perl VERIFIED
Serv-U File Server 7.0.0.1-7.4.0.1 - Unauthenticated Directory Traversal via FTP MKD Command
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
by Jonathan Salwan
CVE-2009-1040 EXPLOITDB perl VERIFIED
WinAsm Studio 5.1.5.0 - Buffer Overflow via Crafted Project File
Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.
by Stack
CVE-2009-1045 EXPLOITDB perl VERIFIED
VLC Media Player 0.9.8a - Denial of Service via Long Input Argument in requests/status.xml
requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.
by TheLeader
CVE-2009-0967 EXPLOITDB perl VERIFIED
Serv-U File Server 7.0.0.1-7.4.0.1 - Authenticated Denial of Service via SMNT Command
The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument.
by Jonathan Salwan
CVE-2009-0837 EXPLOITDB perl VERIFIED
Foxit Reader <3.0 Build 1506 - Buffer Overflow
Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote attackers to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a file" action.
by SkD
CVE-2009-1029 EXPLOITDB perl VERIFIED
POP Peeper < 3.4.0.0 - Remote Code Execution via Long Date Header
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
by Jeremy Brown
EIP-2026-102622 EXPLOITDB perl VERIFIED
JDKChat 1.5 - Remote Integer Overflow (PoC)
by n3tpr0b3
EIP-2026-118626 EXPLOITDB perl VERIFIED
GuildFTPd FTP Server 0.999.14 - Remote Delete Files
by Jonathan Salwan
CVE-2009-0880 EXPLOITDB perl VERIFIED
IBM Director < 5.20.3 - Remote Code Execution via CIM Server Path Traversal
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
by Bernhard Mueller
EIP-2026-111793 EXPLOITDB perl VERIFIED
RoomPHPlanning 1.6 - 'userform.php' Create Admin User
by Jonathan Salwan
EIP-2026-117454 EXPLOITDB perl VERIFIED
Mediacoder 0.6.2.4275 - '.m3u' Universal Stack Overflow
by Stack
EIP-2026-118106 EXPLOITDB perl VERIFIED
Winamp 5.541 - Skin Universal Buffer Overflow
by SkD
EIP-2026-118504 EXPLOITDB perl VERIFIED
EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow
by Dr4sH
CVE-2009-0751 EXPLOITDB perl VERIFIED
Yaws < 1.80 - Denial of Service via Large Number of Headers
Yaws before 1.80 allows remote attackers to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
by Praveen Darshanam
CVE-2009-0192 EXPLOITDB perl VERIFIED
Novell eDirectory 8.8 SP3 - Remote Code Execution via iMonitor Accept-Language Header
Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.
by Praveen Darshanam
CVE-2009-0885 EXPLOITDB perl VERIFIED
Media Commands 1.0 - Remote Code Execution via Long String in Playlist File
Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file.
by Hakxer