Perl Exploits

2,854 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-1311 EXPLOITDB perl VERIFIED
PacketTrap pt360 Tool Suite PRO <2.0.3901.0 - DoS
The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) "<>" (less than, greater than); or (4) a file with a long name. NOTE: the issue for vector 4 might exist because of an incomplete fix for CVE-2008-1312.
by Jeremy Brown
CVE-2008-6811 EXPLOITDB perl VERIFIED
Instinct E-commerce Plugin < 3.4 - Unrestricted File Upload
Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/plugins/wp-shopping-cart/.
by t0pP8uZz
CVE-2008-6814 EXPLOITDB perl VERIFIED
JAN DE Graaff Com Simpleboard < 1.0.1 - Improper Input Validation
Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a file with an executable extension and an image/jpeg content type, then accessing this file via a direct request to the file in components/com_simpleboard/, a different vulnerability than CVE-2006-3528.
by t0pP8uZz
CVE-2008-6806 EXPLOITDB perl VERIFIED
7-shop 7shop < 1.1 - Improper Input Validation
Unrestricted file upload vulnerability in includes/imageupload.php in 7Shop 1.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/artikel/.
by t0pP8uZz
EIP-2026-107548 EXPLOITDB perl VERIFIED
H2O-CMS 3.4 - Remote Command Execution
by StAkeR
EIP-2026-107547 EXPLOITDB perl VERIFIED
H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass
by StAkeR
CVE-2008-4786 EXPLOITDB perl VERIFIED
E107 Easyshop Plugin - SQL Injection
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
by StAkeR
CVE-2008-4760 EXPLOITDB perl VERIFIED
Graphiks Myforum - SQL Injection
SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Vrs-hCk
CVE-2008-6789 EXPLOITDB perl VERIFIED
Minddezign Photo Gallery - SQL Injection
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
by CWH Underground
CVE-2008-4686 EXPLOITDB perl VERIFIED
Videolan Vlc Media Player - Numeric Error
Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
by Guido Landi
CVE-2008-6175 EXPLOITDB perl VERIFIED
K2sxs Silvershield - Improper Input Validation
SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service (application crash) via a crafted argument to the opendir SFTP command.
by Jeremy Brown
CVE-2008-6790 EXPLOITDB perl VERIFIED
Minddezign Photo Gallery - Improper Input Validation
The admin module in MindDezign Photo Gallery 2.2 allows remote attackers to add administrative users and gain privileges via a modified username parameter in an edit account action to index.php.
by CWH Underground
CVE-2008-4726 EXPLOITDB perl VERIFIED
Goodtechsystems Goodtech SSH - Memory Corruption
Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 allows remote authenticated users to execute arbitrary code via a long string to the (1) open (aka SSH_FXP_OPEN), (2) unlink, (3) opendir, and other unspecified parameters.
by r0ut3r
CVE-2008-4762 EXPLOITDB perl VERIFIED
Freesshd - Memory Corruption
Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.
by Jeremy Brown
CVE-2008-4762 EXPLOITDB perl VERIFIED
Freesshd - Memory Corruption
Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.
by Jeremy Brown
CVE-2008-6077 EXPLOITDB perl VERIFIED
LoudBlog <0.8.0a - SQL Injection
SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action.
by Xianur0
CVE-2008-4686 EXPLOITDB perl VERIFIED
Videolan Vlc Media Player - Numeric Error
Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
by Guido Landi
CVE-2008-4434 EXPLOITDB perl VERIFIED
Utorrent < 1.7.7 - Memory Corruption
Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .torrent file.
by Guido Landi
CVE-2008-4556 EXPLOITDB perl VERIFIED
SUN Solaris - Memory Corruption
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
by kingcope
CVE-2007-3939 EXPLOITDB perl VERIFIED
Spoonlabs Vivvo Article Management Cms < 3.40 - SQL Injection
SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) CMS 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
by Xianur0
CVE-2008-5320 EXPLOITDB perl VERIFIED
e107 <0.7.13 - SQL Injection
SQL injection vulnerability in usersettings.php in e107 0.7.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ue[] parameter.
by girex
CVE-2008-5321 EXPLOITDB perl VERIFIED
GesGaleri - SQL Injection
SQL injection vulnerability in index.php in GesGaleri, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the no parameter.
by EcHoLL
EIP-2026-110690 EXPLOITDB perl VERIFIED
PHP Easy Downloader 1.5 - Remote File Creation
by StAkeR
CVE-2008-4620 EXPLOITDB perl VERIFIED
Mrbs < 1.2.6 - SQL Injection
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
by Xianur0
CVE-2008-4603 EXPLOITDB perl VERIFIED
Igaming Cms - SQL Injection
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
by StAkeR
By Source
All 2,854 Exploitdb 50,121 Writeup 46,717 Nomisec 21,135 Metasploit 3,189 Github 2,247 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,737 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 260 c++ 247 shell 68 go 41 postscript 25 xml 24