Perl Exploits

2,854 exploits tracked across all sources.

Sort: Activity Stars
CVE-2006-4418 EXPLOITDB perl VERIFIED
Wikepage - Path Traversal
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.
by Hessam-x
CVE-2006-4368 EXPLOITDB perl VERIFIED
IntegraMOD Portal <2 - RCE
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
by nukedx
CVE-2006-4365 EXPLOITDB perl VERIFIED
VistaBB <2.0.33 - RCE
Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) includes/functions_portal.php.
by nukedx
CVE-2006-4367 EXPLOITDB perl VERIFIED
All Topics Hack < 1.5.0 - SQL Injection
SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter.
by SpiderZ
CVE-2006-4369 EXPLOITDB perl VERIFIED
Integramod Portal - Path Traversal
Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.
by nukedx
CVE-2006-4364 EXPLOITDB perl VERIFIED
Alt-n Mdaemon - Buffer Overflow
Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP commands.
by Leon Juranic
EIP-2026-103563 EXPLOITDB perl VERIFIED
Mozilla Firefox 1.5.0.6 - FTP Request Remote Denial of Service
by Tomas Kempinsky
CVE-2006-4300 EXPLOITDB perl VERIFIED
8pixel.net Simple Blog < 2.0 - SQL Injection
SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by ASIANEAGLE
CVE-2006-4310 EXPLOITDB perl VERIFIED
Mozilla Firefox - Improper Input Validation
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
by anonymous
CVE-2006-7210 EXPLOITDB perl VERIFIED
Microsoft Windows 2000 - Denial of Service
Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block.
by Preddy
CVE-2006-4240 EXPLOITDB perl VERIFIED
Fusion News 3.7 - RCE
PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.
by O.U.T.L.A.W
CVE-2006-4210 EXPLOITDB perl VERIFIED
phPay <2.02.1 - Open Mail Relay
nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information.
by beford
CVE-2006-2502 EXPLOITDB perl VERIFIED
Cyrus Imapd - Buffer Overflow
Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
by K-sPecial
EIP-2026-111893 EXPLOITDB perl VERIFIED
SAPID CMS 1.2.3_rc3 - 'rootpath' Remote Code Execution
by simo64
CVE-2006-4114 EXPLOITDB perl VERIFIED
Phpmyring < 4.2 - SQL Injection
SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMyRing 4.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idsite parameter.
by simo64
CVE-2006-4455 EXPLOITDB perl VERIFIED
Xchat < 2.6.7 - Denial of Service
Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG command. NOTE: the vendor has disputed this vulnerability, stating that it does not affect 2.6.7 "or any recent version"
by Elo
CVE-2006-3819 EXPLOITDB perl VERIFIED
TWiki <4.0.4 - Code Injection
Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with "TYPEOF".
by Javier Olascoaga
CVE-2005-0716 EXPLOITDB perl VERIFIED
Apple Mac OS X - Buffer Overflow
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
by Kevin Finisterre
EIP-2026-104584 EXPLOITDB perl VERIFIED
Apple Mac OSX 10.4.7 (x86) - 'fetchmail' Local Privilege Escalation
by Kevin Finisterre
EIP-2026-104583 EXPLOITDB perl VERIFIED
Apple Mac OSX 10.4.7 (PPC) - 'fetchmail' Local Privilege Escalation
by Kevin Finisterre
CVE-2006-4000 EXPLOITDB perl VERIFIED
Barracuda Networks Barracuda Spam Firewall - Path Traversal
Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
by Greg Sinclair
EIP-2026-115827 EXPLOITDB perl VERIFIED
Microsoft Windows XP/2000/2003 - Graphical Device Interface Plus Library Denial of Service
by Mr. Niega
CVE-2006-3838 EXPLOITDB perl VERIFIED
Eiqnetworks Enterprise Security Analyzer < 2.4.0 - Memory Corruption
Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDEVICE, (9) COMPRESSRAWLOGFILE, (10) GETSYSLOGFIREWALLS, (11) ADDPOLICY, and (12) EDITPOLICY commands to the Syslog daemon (syslogserver.exe); (13) GUIADDDEVICE, (14) ADDDEVICE, and (15) DELETEDEVICE commands to the Topology server (Topology.exe); the (15) LICMGR_ADDLICENSE command to the License Manager (EnterpriseSecurityAnalyzer.exe); the (16) TRACE and (17) QUERYMONITOR commands to the Monitoring agent (Monitoring.exe); and possibly other vectors related to the Syslog daemon (syslogserver.exe).
by Kevin Finisterre
EIP-2026-118509 EXPLOITDB perl VERIFIED
eIQnetworks ESA - Syslog Server Remote Buffer Overflow
by Kevin Finisterre
EIP-2026-118244 EXPLOITDB perl VERIFIED
AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow
by c0rrupt
By Source
All 2,854 Exploitdb 50,121 Writeup 46,832 Nomisec 21,205 Metasploit 3,189 Github 2,268 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,746 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24