Perl Exploits

2,849 exploits tracked across all sources.

EIP-2026-119046 EXPLOITDB perl VERIFIED
POP Peeper 3.4.0.0 - UIDL Remote Buffer Overflow (SEH)
by Jeremy Brown
CVE-2009-0812 EXPLOITDB perl VERIFIED
BreakPoint Software Hex Workshop <6 - Buffer Overflow
Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third party information.
by DATA_SNIPER
EIP-2026-115445 EXPLOITDB perl VERIFIED
Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow (PoC)
by musashi karak0rsan
EIP-2026-106165 EXPLOITDB perl VERIFIED
Coppermine Photo Gallery 1.4.20 - 'IMG' Privilege Escalation
by Inphex
CVE-2007-1152 EXPLOITDB perl VERIFIED
Pyrophobia 2.1.3.1 - Path Traversal
Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) act or (2) pid parameter to the top-level URI (index.php), or the (3) action parameter to admin/index.php. NOTE: some of these details are obtained from third party information.
by Osirys
CVE-2009-0658 EXPLOITDB HIGH perl VERIFIED
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
by Guido Landi
CVSS 7.8
EIP-2026-111457 EXPLOITDB perl VERIFIED
pPIM 1.01 - 'notes.php' Remote Command Execution
by JosS
CVE-2009-0728 EXPLOITDB perl VERIFIED
MAXdev MDPro/Postnuke - SQL Injection
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
by StAkeR
CVE-2009-0731 EXPLOITDB perl VERIFIED
Free Arcade Script 1.0 - Path Traversal
Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
by Osirys
EIP-2026-115361 EXPLOITDB perl VERIFIED
Got All Media 7.0.0.3 - Remote Denial of Service
by LiquidWorm
EIP-2026-107480 EXPLOITDB perl VERIFIED
Graugon Forum 1 - 'id' Command Injection / SQL Injection
by Osirys
EIP-2026-107109 EXPLOITDB perl VERIFIED
Firepack - '/admin/ref.php' Remote Code Execution
by Lidloses_Auge
CVE-2009-0650 EXPLOITDB perl VERIFIED
tptest < 3.1.7 - Stack-Based Buffer Overflow via Long STATS Line pwd Field
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.
by ffwd
CVE-2009-0659 EXPLOITDB perl VERIFIED
TPTEST 3.1.7 - Stack-Based Buffer Overflow via Long Email Field in STATS Line
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via a STATS line with a long email field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by ffwd
EIP-2026-112155 EXPLOITDB perl VERIFIED
simplePms CMS 0.1.4 - Local File Inclusion / Remote Command Execution
by Osirys
EIP-2026-109410 EXPLOITDB perl VERIFIED
MemHT Portal 4.0.1 - Delete All Private Messages
by StAkeR
CVE-2009-5095 EXPLOITDB perl VERIFIED
ea gBook 0.1 and 0.1.4 - Remote Code Execution via inc_ordner Parameter
PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0.1 and 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the inc_ordner parameter.
by bd0rk
CVE-2009-5094 EXPLOITDB perl VERIFIED
CMS Faethon 2.2.0 Ultimate - SQL Injection via info.php item Parameter
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter.
by Osirys
EIP-2026-105532 EXPLOITDB perl VERIFIED
BlogWrite 0.91 - Remote File Disclosure / SQL Injection
by Osirys
EIP-2026-107870 EXPLOITDB perl VERIFIED
InselPhoto 1.1 - 'query' SQL Injection
by Osirys
CVE-2009-5090 EXPLOITDB perl VERIFIED
Bloggeruniverse Beta 2 - SQL Injection via editcomments.php id Parameter
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors.
by Osirys
EIP-2026-107158 EXPLOITDB perl VERIFIED
Fluorine CMS 0.1 rc 1 - File Disclosure / SQL Injection / Command Execution
by Osirys
CVE-2009-0542 EXPLOITDB perl VERIFIED
ProFTPD Server <1.3.2rc2 - SQL Injection
SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.
by AlpHaNiX
CVE-2009-0546 EXPLOITDB perl VERIFIED
NewsGator FeedDemon <2.7 - Buffer Overflow
Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file.
by cenjan
EIP-2026-113172 EXPLOITDB perl VERIFIED
w3bcms 3.5.0 - Multiple Vulnerabilities
by DNX