Perl Exploits
2,849 exploits tracked across all sources.
Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation
by Kevin Finisterre
phpburningportal_quiz-modul < 1.0.1 - Remote Code Execution via lang_path Parameter
Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php.
by r0ut3r
phpBBFM 206-3-3 - 'phpbb_root_path' Remote File Inclusion
by Kamalian
Xcode OpenBase 9.1.5 (OSX) - Local Privilege Escalation
by Kevin Finisterre
SpamOborona 1.0b - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in admin/admin_spam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB Security 1.0.1 - 'PHP_security.php' Remote File Inclusion
by Nima Salehi
phpBB SearchIndexer - Remote Code Execution via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in archive/archive_topic.php in pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB RPG Events 1.0 - 'functions_rpg_events' Remote File Inclusion
by Nima Salehi
Prillian French < 0.8.0 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
PlusXL 20_272 and earlier - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in mods/iai/includes/constants.php in the PlusXL 20_272 and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
News Defilante Horizontale <4.1.1 - RCE
PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
lat2cyr < 1.0.1 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB AMAZONIA MOD - Remote File Inclusion via zufallscodepart.php phpbb_root_path Parameter
PHP remote file inclusion vulnerability in zufallscodepart.php in AMAZONIA MOD for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
phpBB - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/not_mem.php in the Add Name module for PHP allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
maluinfo 206.2.38 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Brazilian PHPBB allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. NOTE: this might be the same issues as CVE-2006-4893.
by Nima Salehi
Microsoft PowerPoint 2003 - Denial of Service via Crafted PPT File
PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted PowerPoint (.PPT) file, as demonstrated by Nanika.ppt, and a different vulnerability than CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, and CVE-2006-4694. NOTE: the impact of this issue was originally claimed to be arbitrary code execution, but later analysis demonstrated that this was erroneous.
by Nanika
Redaction System 1.0000 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Redaction System 1.0000 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_prefix parameter to (a) conn.php, (b) sesscheck.php, (c) wap/conn.php, or (d) wap/sesscheck.php, or the (2) lang parameter to (e) index.php.
by r0ut3r
phpBB Insert User < 0.1.2 - Remote Code Execution via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by Nima Salehi
Leicestershire communityPortals < 1.build_20051018 - Remote Code Execution via cp_root_path Parameter
PHP remote file inclusion vulnerability in includes/import-archive.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter.
by Nima Salehi
Shen Cheng-Da PHP News Reader <2.6.4 - RCE
PHP remote file inclusion vulnerability in auth/phpbb.inc.php in Shen Cheng-Da PHP News Reader (aka pnews) 2.6.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CFG[auth_phpbb_path] parameter.
by Nima Salehi
Leicestershire communityPortals 1.0 - RCE
PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in Leicestershire communityPortals 1.0_2005-10-18_12-31-18 allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280.
by Nima Salehi
Leicestershire communityPortals < 1.0 - Remote Code Execution via cp_root_path Parameter
PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions
by Nima Salehi
phpmyagenda < 3.1_beta_1 - Directory Traversal and Arbitrary File Execution via Language Parameter
Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
by Nima Salehi
Docmint <2.0 - Remote Code Execution
PHP remote file inclusion vulnerability in engine/require.php in Docmint 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the MY_ENV[BASE_ENGINE_LOC] parameter.
by K-159
By Source