Perl Exploits
2,849 exploits tracked across all sources.
Microsoft Digital Image Suite - Remote Code Execution via Malformed BMP BitMapInfoHeader
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
by John Smith
Microsoft GDI+ - Remote Code Execution via Malformed GIF Image Parsing
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
by John Smith
Stash 1.0.3 - SQL Injection via Username or Post Parameter
Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php.
by gnix
Internet Download Manager - Stack-based Buffer Overflow via Crafted AppleDouble File
Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AppleDouble file containing a long string. NOTE: this is probably a different vulnerability than CVE-2005-2210.
by Ciph3r
Yerba < 6.3 - Remote Code Execution via Path Traversal in mod Parameter
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
by Pepelux
geccBBlite 2.0 - SQL Injection via leggi.php id Parameter
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Piker
Galerie 3.2 - SQL Injection via pic Parameter
SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter.
by J0hn.X3r
FOSS Gallery 1.0 beta - Unauthenticated Arbitrary File Upload via processFiles.php
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the root directory.
by JosS
mIRC 6.34 - Remote Code Execution via Long Hostname in PRIVMSG
Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.
by SkD
MaxiScript Website Directory - Cross-Site Scripting via Keyword Parameter in Search Action
Cross-site scripting (XSS) vulnerability in index.php in MaxiScript Website Directory allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action.
by Ghost Hacker
IP Reg < 0.4 - SQL Injection via user_name Parameter
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
by StAkeR
AdaptCMS 1.3 - SQL Injection via Check User Feature
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
by StAkeR
Cambridge Computer Corporation vxFtpSrv 2.0.3 - Buffer Overflow via CWD Request
Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request.
by Julien Bedard
mIRC 6.34 - Remote Code Execution via Long Hostname in PRIVMSG
Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.
by securfrog
ADN Forum 1.0b - SQL Injection via fid or pagid Parameter
Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors.
by StAkeR
WinFTP FTP Server 2.3.0 - Authenticated Denial of Service via Invalid NLST Command
WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows remote authenticated users to cause a denial of service via a sequence of FTP sessions that include an invalid "NLST -1" command.
by Julien Bedard
Microsoft Windows Mobile 6.0 - Denial of Service via Bluetooth Long Name Handling
Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 devices does not properly handle the first attempt to establish a Bluetooth connection to a peer with a long name, which allows remote attackers to cause a denial of service (device reboot) by configuring a Bluetooth device with a long hci name and (1) connecting directly to the Windows Mobile system or (2) waiting for the Windows Mobile system to scan for nearby devices.
by Julien Bedard
Libra PHP File Manager < 1.18 - Improper Authentication Bypass via Query String Parameters
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string.
by Pepelux
Libra File Manager 1.18/2.0 - 'fileadmin.php' Local File Inclusion
by Pepelux
Rianxosencabos CMS 0.9 - Unauthenticated Authentication Bypass via Cookie Manipulation
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
by ka0x
iGaming CMS < 1.5 - SQL Injection via browse Parameter
Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
by StAkeR
CJ Ultra Plus 1.0.4 - SQL Injection via SID Cookie
SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie.
by -SmoG-
fhttpd 0.4.2 - Denial of Service via Malformed Authorization Header
fhttpd 0.4.2 allows remote attackers to cause a denial of service (crash) via an Authorization HTTP header with an invalid character after the Basic value.
by Jeremy Brown
By Source