Perl Exploits
2,849 exploits tracked across all sources.
OpenBase SQL < 10.0.1 - Arbitrary File Creation via Symlink Attack on /tmp/output
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
by Kevin Finisterre
IPrimal Forums <20061105 - Auth Bypass
admin/index.php in IPrimal Forums as of 20061105 allows remote attackers to bypass authentication and modify user passwords via a direct request, possibly related to an authentication issue in admin/chk_admin.php.
by Bl0od3r
The Web Drivers Simple Forum - SQL Injection via message_details.php id Parameter
SQL injection vulnerability in message_details.php in The Web Drivers Simple Forum, dated 20060318, allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Bl0od3r
DeltaScripts PHP Classifieds <= 7.1 - SQL Injection via detail.php user_id Parameter
SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
by ajann
XM Easy Personal FTP Server <= 5.2.1 - Authenticated Denial of Service via NLST Command
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.
by boecke
Essentia Web Server 2.15 - Remote Code Execution via Long URI
Stack-based buffer overflow in Essentia Web Server 2.15 for Windows allows remote attackers to execute arbitrary code via a long URI, as demonstrated by a GET or HEAD request. NOTE: some of these details are obtained from third party information.
by CorryL
2BGal 3.0 - Remote PHP File Inclusion via Lang Parameter
Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote attackers to execute arbitrary PHP code via the lang parameter to (1) admin/configuration.inc.php, (2) admin/creer_album.inc.php, (3) admin/changepwd.php.inc, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by Kw3[R]Ln
Microsoft Windows NAT Helper Components - Denial of Service via Malformed DNS Query
Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference.
by x82
Novell eDirectory 8.8 - NDS Server Remote Stack Overflow
by FistFuXXer
PHPMyDesk 1.0beta - Directory Traversal via pmdlang Parameter
Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0beta allows remote attackers to include arbitrary local files via the pmdlang parameter to viewticket.php.
by Kw3[R]Ln
CMS Faethon < 2.0_ultimate - Remote File Inclusion via mainpath Parameter
Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 Ultimate and earlier, when register_globals and magic_quotes_gpc are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter to (1) includes/rss-reader.php or (2) admin/config.php, different vectors than CVE-2006-3185.
by r0ut3r
SourceForge (alexandria) 1.0.4 - RCE
PHP remote file inclusion vulnerability in include/database.php in SourceForge (aka alexandria) 1.0.4 allows remote attackers to execute arbitrary PHP code via the sys_dbtype parameter.
by Kw3[R]Ln
JumbaCMS 0.0.1 - Remote File Inclusion via jcms_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions.php in JumbaCMS 0.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the jcms_root_path parameter.
by Kw3[R]Ln
Novell eDirectory 8.x-8.8.x - Remote Code Execution via Long HTTP Host Header or Dot in Username
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
by Manuel Santamarina Suarez
Casinosoft Casino Script 3.2 - SQL Injection via cfam Parameter
SQL injection vulnerability in lobby/config.php in Casinosoft Casino Script (aka Masvet) 3.2 allows remote attackers to execute arbitrary SQL commands via the cfam parameter.
by G1UK
FreeFAQ 1.0.e - Remote File Inclusion via faqpath Parameter
PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter.
by Alireza Ahari
EPNadmin 0.7 and 0.7.1 - Remote File Inclusion via Langage Parameter
PHP remote file inclusion vulnerability in constantes.inc.php in EPNadmin 0.7 and 0.7.1 allows remote attackers to execute arbitrary PHP code via the langage parameter.
by Kw3[R]Ln
Ariadne CMS 2.4 - Remote Code Execution via Ariadne Parameter Manipulation
NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005
by Fidel Costa
Asterisk 1.0.x-1.0.11 and 1.2.x-1.2.12 - Remote Code Execution via Skinny Channel Driver Integer Overflow
Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow.
by Noam Rathaus
PHPRecipeBook 2.36 - Remote Code Execution via g_rb_basedir Parameter
PHP remote file inclusion vulnerability in classes/Import_MM.class.php in PHPRecipeBook 2.36, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the g_rb_basedir parameter.
by r0ut3r
ClamAV < 0.88.5 - Denial of Service via Crafted CHM File
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
by Damian Put
Xfire < 1.6.4 - Denial of Service via Long UDP String to Port 25777
Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.
by n00b
WoltLab Burning Book 1.1.2 - Remote Code Execution via Eval Injection in addentry.php
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.
by ShAnKaR
By Source