Perl Exploits
2,854 exploits tracked across all sources.
Clam Anti-virus Clamav < 0.88.4 - Denial of Service
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
by Damian Put
Xfire < 1.6.4 - Denial of Service
Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.
by n00b
Woltlab Burning Book - SQL Injection
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.
by ShAnKaR
Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation
by Kevin Finisterre
Matthias Dietrich Phpburningportal Quiz-modul < 1.0.1 - Code Injection
Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php.
by r0ut3r
phpBBFM 206-3-3 - 'phpbb_root_path' Remote File Inclusion
by Kamalian
Xcode OpenBase 9.1.5 (OSX) - Local Privilege Escalation
by Kevin Finisterre
SpamOborona <1.0b - RCE
PHP remote file inclusion vulnerability in admin/admin_spam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB Security 1.0.1 - 'PHP_security.php' Remote File Inclusion
by Nima Salehi
Phpbb Searchindexer - Code Injection
PHP remote file inclusion vulnerability in archive/archive_topic.php in pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB RPG Events 1.0 - 'functions_rpg_events' Remote File Inclusion
by Nima Salehi
Prillian French <0.8.0 - RCE
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB <20.272 - RCE
PHP remote file inclusion vulnerability in mods/iai/includes/constants.php in the PlusXL 20_272 and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
News Defilante Horizontale <4.1.1 - RCE
PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
PHPBB <1.0.1 - RCE
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
AMAZONIA MOD - RCE
PHP remote file inclusion vulnerability in zufallscodepart.php in AMAZONIA MOD for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
PHP <includes/not_mem.php - RCE
PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
PHPBB <206.2.38 - RCE
PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Brazilian PHPBB allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. NOTE: this might be the same issues as CVE-2006-4893.
by Nima Salehi
Microsoft Powerpoint - Denial of Service
PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted PowerPoint (.PPT) file, as demonstrated by Nanika.ppt, and a different vulnerability than CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, and CVE-2006-4694. NOTE: the impact of this issue was originally claimed to be arbitrary code execution, but later analysis demonstrated that this was erroneous.
by Nanika
Redaction System - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Redaction System 1.0000 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_prefix parameter to (a) conn.php, (b) sesscheck.php, (c) wap/conn.php, or (d) wap/sesscheck.php, or the (2) lang parameter to (e) index.php.
by r0ut3r
Phpbb Insert User < 0.1.2 - Code Injection
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
Cuttlefish Multimedia Ltd. Leicesters... - Code Injection
PHP remote file inclusion vulnerability in includes/import-archive.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter.
by Nima Salehi
Shen Cheng-Da PHP News Reader <2.6.4 - RCE
PHP remote file inclusion vulnerability in auth/phpbb.inc.php in Shen Cheng-Da PHP News Reader (aka pnews) 2.6.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CFG[auth_phpbb_path] parameter.
by Nima Salehi
Leicestershire communityPortals 1.0 - RCE
PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in Leicestershire communityPortals 1.0_2005-10-18_12-31-18 allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280.
by Nima Salehi
By Source