Perl Exploits

2,849 exploits tracked across all sources.

CVE-2006-6184 EXPLOITDB perl VERIFIED
Allied Telesyn AT-TFTP < 1.9 - Stack-Based Buffer Overflow via Long Filename in GET or PUT Command
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
by Jacopo Cervini
CVE-2006-6390 EXPLOITDB perl VERIFIED
Open Solution Quick.Cart 2.0 - Path Traversal
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php, and (4) products.php in actions_admin/; and (5) orders.php and (6) products.php in actions_client/; as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts.
by r0ut3r
CVE-2006-6652 EXPLOITDB perl VERIFIED
NetBSD-current <20050914 - NetBSD libc - RCE
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
by kcope
CVE-2006-6652 EXPLOITDB perl VERIFIED
NetBSD-current <20050914 - NetBSD libc - RCE
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
by kingcope
CVE-2006-5177 EXPLOITDB perl VERIFIED
MailEnable Professional/E 2.0 - RCE/DoS
The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read.
by mu-b
CVE-2006-6202 EXPLOITDB perl VERIFIED
NukeAI 0.0.3 Beta - Remote File Inclusion via AIbasedir Parameter
PHP remote file inclusion vulnerability in modules/NukeAI/util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to execute arbitrary PHP code via a URL in the AIbasedir parameter.
by DeltahackingTEAM
CVE-2006-6255 EXPLOITDB perl VERIFIED
NukeAI 0.0.3 Beta - Unauthenticated Arbitrary PHP Code Execution via Filename and Moreinfo Parameters
Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension in the filename parameter and code in the moreinfo parameter, which is saved to a filename under descriptions/, which is accessible via a direct request.
by DeltahackingTEAM
CVE-2006-6254 EXPLOITDB perl VERIFIED
cahier_de_textes < 2.2 - Unauthenticated Directory Traversal and Source Code Disclosure via chemin Parameter
administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
by DarkFig
CVE-2006-6115 EXPLOITDB perl VERIFIED
fipsCMS < 4.5 - SQL Injection via fid Parameter
SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter.
by ajann
CVE-2006-6157 EXPLOITDB perl VERIFIED
ContentNow < 1.39 - SQL Injection via PageID Parameter
SQL injection vulnerability in index.php in ContentNow 1.39 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter. NOTE: this issue can be leveraged for path disclosure with an invalid pageid parameter.
by Revenge
EIP-2026-110689 EXPLOITDB perl VERIFIED
PHP Easy Downloader 1.5 - 'save.php' Remote Code Execution
by nuffsaid
CVE-2006-6051 EXPLOITDB perl VERIFIED
MosReporter - Remote File Inclusion via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
by Crackers_Child
CVE-2006-6047 EXPLOITDB perl VERIFIED
Etomite 0.6.1.2 - Authenticated Path Traversal and Arbitrary File Execution via Manager Index f Parameter
Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.
by Revenge
CVE-2006-7235 EXPLOITDB perl VERIFIED
Teamtek Universal FTP Server 1.0.50 - Denial of Service via STOR or MKD Command
Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon crash or hang) via (1) multiple STOR (aka PUT) commands, or an MKD command followed by (2) a '*' argument, (3) a '|' argument, (4) spaces, or (5) a long string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Praveen Darhanam
CVE-2006-6131 EXPLOITDB perl VERIFIED
Kerio WebSTAR <5.4.2 - Privilege Escalation
Untrusted search path vulnerability in (1) WSAdminServer and (2) WSWebServer in Kerio WebSTAR (4D WebSTAR Server Suite) 5.4.2 and earlier allows local users with webstar privileges to gain root privileges via a malicious libucache.dylib helper library in the current working directory.
by Kevin Finisterre
CVE-2006-7235 EXPLOITDB perl VERIFIED
Teamtek Universal FTP Server 1.0.50 - Denial of Service via STOR or MKD Command
Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon crash or hang) via (1) multiple STOR (aka PUT) commands, or an MKD command followed by (2) a '*' argument, (3) a '|' argument, (4) spaces, or (5) a long string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Adriel T. Desautels
CVE-2006-7185 EXPLOITDB perl VERIFIED
CMSmelborp Beta - Remote File Inclusion via relative_root Parameter
PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter.
by DeltahackingTEAM
CVE-2006-5880 EXPLOITDB perl VERIFIED
Munch Pro 1.0 - SQL Injection via subMenu Page catid Parameter
SQL injection vulnerability on the subMenu page in switch.asp in Munch Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
by ajann
CVE-2006-5887 EXPLOITDB perl VERIFIED
Dynamic Dataworx NuSchool 1.0 - SQL Injection via CampusNewsDetails.asp NewsID Parameter
SQL injection vulnerability in CampusNewsDetails.asp in Dynamic Dataworx NuSchool 1.0 allows remote attackers to execute arbitrary SQL commands via the NewsID parameter.
by ajann
CVE-2006-5886 EXPLOITDB perl VERIFIED
Dynamic Dataworx NuRealestate 1.0 - SQL Injection via PropID Parameter
SQL injection vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the PropID parameter.
by ajann
CVE-2006-5881 EXPLOITDB perl VERIFIED
Dynamic Dataworx NuCommunity 1.0 - SQL Injection via cl_cat_ID Parameter
SQL injection vulnerability in cl_CatListing.asp in Dynamic Dataworx NuCommunity 1.0 allows remote attackers to execute arbitrary SQL commands via the cl_cat_ID parameter.
by ajann
CVE-2006-5866 EXPLOITDB perl VERIFIED
phpmanta < 1.0.2 - Directory Traversal via File Parameter
Directory traversal vulnerability in Mdoc/view-sourcecode.php for phpManta 1.0.2 and earlier allows remote attackers to read and include arbitrary files via ".." sequences in the file parameter.
by ajann
CVE-2006-5892 EXPLOITDB perl VERIFIED
ASPired2Poll < 1.0 - SQL Injection via MoreInfo.asp id Parameter
SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by ajann
EIP-2026-109028 EXPLOITDB perl VERIFIED
KnowledgeBuilder 2.2 - 'visEdit_Control.Class.php' Remote File Inclusion
by igi
CVE-2006-5852 EXPLOITDB perl VERIFIED
OpenBase SQL <10.0.1 - Privilege Escalation
Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors than CVE-2006-5327.
by Kevin Finisterre