Perl Exploits

2,854 exploits tracked across all sources.

CVE-2008-3772 EXPLOITDB perl VERIFIED
Pars4u Videosharing - SQL Injection
SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
by Mr.SQL
CVE-2008-3734 EXPLOITDB perl VERIFIED
Ipswitch WS_FTP Home - Format String Vulnerability
Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).
by securfrog
CVE-2008-4321 EXPLOITDB perl VERIFIED
FlashGet FTP - Memory Corruption
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
by Guido Landi
CVE-2008-3795 EXPLOITDB perl VERIFIED
Ipswitch WS_FTP Home - Buffer Overflow
Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long "message response."
by securfrog
CVE-2008-4321 EXPLOITDB perl VERIFIED
FlashGet FTP - Memory Corruption
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.
by SkOd
CVE-2006-6199 EXPLOITDB perl VERIFIED
BlazeVideo BlazeDVD - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by LiquidWorm
CVE-2008-3667 EXPLOITDB perl VERIFIED
Maxthon Browser <2.0 - Buffer Overflow
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header.
by DATA_SNIPER
CVE-2008-3495 EXPLOITDB perl VERIFIED
Pcshey Portal - SQL Injection
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
by U238
CVE-2008-3586 EXPLOITDB perl VERIFIED
Joomla! com_ezstore - SQL Injection
SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
by His0k4
CVE-2008-3571 EXPLOITDB perl VERIFIED
Xerox Phaser 8400 - DoS
The Xerox Phaser 8400 allows remote attackers to cause a denial of service (reboot) via an empty UDP packet to port 1900.
by crit3rion
CVE-2008-3589 EXPLOITDB perl VERIFIED
MoziloCMS 1.10.1 - Path Traversal
Directory traversal vulnerability in download.php in moziloCMS 1.10.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.
by Ams
CVE-2008-7091 EXPLOITDB perl VERIFIED
Pligg CMS < 9.9.0 - SQL Injection
Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle variable in a query to story.php; (5) requestID and (6) requestTitle variables in recommend.php; (7) categoryID parameter to cloud.php; (8) title parameter to out.php; (9) username parameter to login.php; (10) id parameter to cvote.php; and (11) commentid parameter to edit.php.
by GulfTech Security
CVE-2008-3452 EXPLOITDB perl VERIFIED
eNdonesia 8.4 - SQL Injection
SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.
by Jack
CVE-2008-3408 EXPLOITDB perl VERIFIED
CoolPlayer <2.18 - Buffer Overflow
Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file.
by Guido Landi
CVE-2008-6438 EXPLOITDB perl VERIFIED
E107coders Macguru Blog Engine Plugin - SQL Injection
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected.
by Virangar Security
CVE-2008-3361 EXPLOITDB perl VERIFIED
IntelliTamper 2.07 - Buffer Overflow
Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code via a long HTTP Server header.
by Koshi
CVE-2008-3360 EXPLOITDB perl VERIFIED
IntelliTamper 2.0.7 - RCE
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.
by Guido Landi
EIP-2026-116088 EXPLOITDB perl VERIFIED
PowerDVD 8.0 - '.m3u' / '.pls' Multiple Buffer Overflow Vulnerabilities
by LiquidWorm
CVE-2008-5755 EXPLOITDB perl VERIFIED
IntelliTamper <2.08 - Buffer Overflow
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitrary code via a MAP file containing a long URL, possibly a related issue to CVE-2006-2494.
by Guido Landi
CVE-2008-3360 EXPLOITDB perl VERIFIED
IntelliTamper 2.0.7 - RCE
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.
by Guido Landi
CVE-2008-3343 EXPLOITDB perl VERIFIED
MyioSoft EasyPublish <3.0tr - SQL Injection
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action.
by Dr.Crash
CVE-2008-3345 EXPLOITDB perl VERIFIED
MyioSoft EasyE-Cards <3.10a - SQL Injection
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.
by Dr.Crash
CVE-2008-3347 EXPLOITDB perl VERIFIED
MyioSoft EasyDynamicPages <3.0 - SQL Injection
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter.
by Dr.Crash
CVE-2008-3250 EXPLOITDB perl VERIFIED
Arctic Issue Tracker 2.0.0 - SQL Injection
SQL injection vulnerability in index.php in Arctic Issue Tracker 2.0.0 allows remote attackers to execute arbitrary SQL commands via the filter parameter.
by ldma
CVE-2008-3263 EXPLOITDB perl VERIFIED
Asterisk Open Source <1.2.30, 1.4.x <1.4.21.2 - DoS
The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (call-number exhaustion and CPU consumption) by quickly sending a large number of IAX2 (IAX) POKE requests.
by Blake Cornell