Perl Exploits

2,854 exploits tracked across all sources.

CVE-2008-3877 EXPLOITDB perl VERIFIED
Acoustica Mixcraft <4.2 - Buffer Overflow
Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4 file. NOTE: it was later reported that version 3 is also affected.
by SkD
CVE-2008-5722 EXPLOITDB perl VERIFIED
SAWStudio 3.9i - Buffer Overflow
Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.
by Encrypt3d.M!nd
CVE-2008-1918 EXPLOITDB perl VERIFIED
PHP-Fusion <6.01.14, <6.00.307 - SQL Injection
SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was later reported that 7.00.2 is also affected.
by StAkeR
CVE-2008-5875 EXPLOITDB perl VERIFIED
Joomla! - SQL Injection
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
by EcHoLL
CVE-2008-5715 EXPLOITDB perl VERIFIED
Mozilla Firefox 3.0.5 - DoS
Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions are also affected, and that the impact is CPU consumption and application hang in unspecified circumstances perhaps involving other platforms.
by Jeremy Brown
CVE-2009-2953 EXPLOITDB perl VERIFIED
Mozilla Firefox - Resource Management Error
Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.
by Jeremy Brown
CVE-2008-6897 EXPLOITDB perl VERIFIED
Andres Garcia Getleft - Memory Corruption
Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) "a" HTML tag; a long src attribute in (2) embed, (3) img, or (4) script tags; (5) a long background attribute in a body tag; and other unspecified tags.
by Koshi
CVE-2008-6333 EXPLOITDB perl VERIFIED
Matthew General Rss Simple News - SQL Injection
SQL injection vulnerability in news.php in RSS Simple News (RSSSN), when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the pid parameter.
by Piker
CVE-2008-5863 EXPLOITDB perl VERIFIED
Woltlab Burning Board 3.0 - SQL Injection
SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user action.
by katharsis
EIP-2026-110048 EXPLOITDB perl VERIFIED
OneOrZero helpdesk 1.6.x. - Arbitrary File Upload
by Ams
CVE-2008-5851 EXPLOITDB perl VERIFIED
My PBS - SQL Injection
SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote attackers to execute arbitrary SQL commands via the seasonID parameter.
by Piker
CVE-2008-6787 EXPLOITDB perl VERIFIED
Jeremy Powers Lizardware Cms < 0.6.0 - SQL Injection
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user.
by StAkeR
CVE-2008-5778 EXPLOITDB perl VERIFIED
Free Links Directory Script 1.2a - SQL Injection
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the linkid parameter.
by ka0x
CVE-2006-4948 EXPLOITDB perl VERIFIED
ProSysInfo TFTP Server TFTPDWIN <0.4.2 - Buffer Overflow
Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by SkD
CVE-2008-4255 EXPLOITDB perl VERIFIED
Microsoft Office Frontpage - Memory Corruption
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability."
by Jerome Athias
CVE-2008-6319 EXPLOITDB perl VERIFIED
Cfmsource CF Calendar - SQL Injection
SQL injection vulnerability in calendarevent.cfm in CF_Calendar allows remote attackers to execute arbitrary SQL commands via the calid parameter.
by AlpHaNiX
CVE-2008-6314 EXPLOITDB perl VERIFIED
Phpbb Tag Board < 4.0 - SQL Injection
SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action.
by StAkeR
CVE-2008-6158 EXPLOITDB perl VERIFIED
w3b>cms <3.2.0 - Unspecified Vuln
Multiple unspecified vulnerabilities in the admin backend in w3b>cms (aka w3blabor CMS) before 3.2.0 have unknown impact and remote attack vectors.
by DNX
EIP-2026-117759 EXPLOITDB perl VERIFIED
PEiD 0.92 - '.PE' File Universal Buffer Overflow
by SkD
EIP-2026-117826 EXPLOITDB perl VERIFIED
RadASM 2.2.1.5 - '.rap' WindowCallProcA Pointer Hijack
by DATA_SNIPER
CVE-2008-5607 EXPLOITDB perl VERIFIED
JMovies 1.1 - SQL Injection
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
by StAkeR
CVE-2008-5586 EXPLOITDB perl VERIFIED
Check Up New Generation <4.52 - SQL Injection
SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter.
by CWH Underground
CVE-2008-6446 EXPLOITDB perl VERIFIED
Geniuscyber Maxsite - Code Injection
Static code injection vulnerability in the Guestbook component in CMS MAXSITE allows remote attackers to inject arbitrary PHP code into the guestbook via the message parameter.
by CWH Underground
CVE-2008-6381 EXPLOITDB perl VERIFIED
Bcoos < 1.0.13 - SQL Injection
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
by CWH Underground
CVE-2008-5405 EXPLOITDB perl VERIFIED
Cain & Abel <4.9.24 - Buffer Overflow
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
by SkD