Perl Exploits

2,854 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-3325 EXPLOITDB perl VERIFIED
LAN Management System <1.9.6 - RCE
PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and CVE-2007-2205.
by Kw3[R]Ln
CVE-2007-3234 EXPLOITDB perl VERIFIED
Fuzzylime Forum - SQL Injection
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
by Silentz
CVE-2007-3235 EXPLOITDB perl VERIFIED
Fuzzylime Forum - SQL Injection
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection.
by Silentz
CVE-2007-3159 EXPLOITDB perl VERIFIED
Miniweb HTTP Server - Denial of Service
http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header.
by gbr
CVE-2007-3088 EXPLOITDB perl VERIFIED
Gaya Design Comicsense - SQL Injection
SQL injection vulnerability in index.php in Comicsense allows remote attackers to execute arbitrary SQL commands via the epi parameter.
by Silentz
EIP-2026-103450 EXPLOITDB perl VERIFIED
DRDoS - Distributed Reflection Denial of Service
by whoppix
CVE-2007-2791 EXPLOITDB perl VERIFIED
HP Tru64 UNIX <5.1B-4/5.1B-3 - Info Disclosure
Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.
by bunker
CVE-2007-2942 EXPLOITDB perl VERIFIED
My Little Forum <1.7 - SQL Injection
SQL injection vulnerability in user.php in My Little Forum 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Silentz
CVE-2007-2888 EXPLOITDB perl VERIFIED
UltraISO <8.6.2.2011 - Buffer Overflow
Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information.
by n00b
CVE-2007-2889 EXPLOITDB perl VERIFIED
Dokeos <1.6.5 - SQL Injection
SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the scormcontopen parameter.
by Silentz
CVE-2007-2901 EXPLOITDB perl VERIFIED
Dokeos <1.8.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified vectors.
by Silentz
CVE-2007-2884 EXPLOITDB perl VERIFIED
Microsoft Visual Basic 6 - Buffer Overflow
Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.
by UmZ
CVE-2007-2884 EXPLOITDB perl VERIFIED
Microsoft Visual Basic 6 - Buffer Overflow
Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.
by UmZ
CVE-2007-2902 EXPLOITDB perl VERIFIED
Dokeos <1.8.0 - SQL Injection
SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the course parameter.
by Silentz
EIP-2026-115664 EXPLOITDB perl VERIFIED
Microsoft IIS 6.0 - '/AUX / '.aspx' Remote Denial of Service
by kingcope
CVE-2007-2750 EXPLOITDB perl VERIFIED
SimpNews <2.40.01 - SQL Injection
SQL injection vulnerability in print.php in SimpNews 2.40.01 and earlier allows remote attackers to execute arbitrary SQL commands via the newsnr parameter.
by Silentz
CVE-2007-2749 EXPLOITDB perl VERIFIED
FAQEngine <4.16.03 - SQL Injection
SQL injection vulnerability in question.php in FAQEngine 4.16.03 and earlier allows remote attackers to execute arbitrary SQL commands via the questionref parameter in a display action.
by Silentz
CVE-2007-2737 EXPLOITDB perl VERIFIED
MyConference 1.0 - SQL Injection
SQL injection vulnerability in index.php in the MyConference 1.0 module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by ajann
CVE-2007-2738 EXPLOITDB perl VERIFIED
Glossaire <1.7 - SQL Injection
SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the sid parameter in an ImprDef action.
by ajann
CVE-2007-2622 EXPLOITDB perl VERIFIED
TaskDriver <1.2 - SQL Injection
Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login.php or (2) the taskid parameter to notes.php.
by Silentz
CVE-2007-2599 EXPLOITDB perl VERIFIED
TutorialCMS <1.00 - SQL Injection
Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or (3) the search parameter to search.php.
by Silentz
CVE-2007-2600 EXPLOITDB perl VERIFIED
TutorialCMS <1.00 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or the (3) search parameter to search.php.
by Silentz
CVE-2007-2598 EXPLOITDB perl VERIFIED
SimpleNews 1.0.0 FINAL - SQL Injection
SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
by Silentz
CVE-2007-2560 EXPLOITDB perl VERIFIED
ACGVannu <1.3 - Path Traversal
Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rubrik parameter.
by BeyazKurt
CVE-2007-2628 EXPLOITDB perl VERIFIED
Justin Koivisto SecurityAdmin <4.0.2 - RCE
PHP remote file inclusion vulnerability in include/logout.php in Justin Koivisto SecurityAdmin for PHP (aka PHPSecurityAdmin, PSA) 4.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the PSA_PATH parameter.
by ilker Kandemir
By Source
All 2,854 Exploitdb 50,121 Writeup 46,830 Nomisec 21,202 Metasploit 3,189 Github 2,258 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,742 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 69 go 41 postscript 25 xml 24