Perl Exploits
2,854 exploits tracked across all sources.
SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow
by Jacopo Cervini
FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (1)
by Jacopo Cervini
Microsoft Internet Explorer <6.0 SP2 - DoS
wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow.
by Firestorm
Cisco Security Monitoring, Analysis and Response System <4.2.1 - Co...
Multiple unspecified vulnerabilities in the Command Line Interface (CLI) for Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 allow local CS-MARS administrators to execute arbitrary commands as root.
by Jon Hart
Cisco Security Monitoring Analysis An... - Access Control
jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp action in the BSHDeployer jboss.scripts service name.
by Jon Hart
Invision Power Services Invision Power Board - SQL Injection
SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter.
by w4g.not null
Eskolar Cms - SQL Injection
Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) gr_1_id, (2) gr_2_id, (3) gr_3_id, and (4) doc_id parameters in (a) index.php; the (5) uid and (6) pwd parameters in (b) php/esa.php; and possibly other vectors related to files in php/lib/ including (c) del.php, (d) download_backup.php, (e) navig.php, (f) restore.php, (g) set_12.php, (h) set_14.php, and (i) upd_doc.php.
by Jacek Wlodarczyk
Rabox Winlpd < 1.26 - Buffer Overflow
Stack-based buffer overflow in Winlpd 1.26 allows remote attackers to execute arbitrary code via a long string in a request to TCP port 515.
by Pablo Isola
Webmin <1.290 - Info Disclosure
Webmin before 1.290 and Usermin before 1.220 call the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before bytes such as "%01" are removed from the filename. NOTE: This is a different issue than CVE-2006-3274.
by UmZ
Invision Power Services Invision Power Board - SQL Injection
SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter.
by RusH
EJ3 TOPo 2.2 - 'descripcion' Remote Command Execution
by Hessam-x
SIPfoundry sipXtapi <20060324 - RCE
Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message.
by Michael Thumann
Microsoft Word 2000/2003 - Hlink Local Buffer Overflow
by SYS 49152
Ottoman CMS 1.1.3 - '?default_path=' Remote File Inclusion (2)
by Jacek Wlodarczyk
Microsoft Excel 2003 (Italian) - Hlink Local Buffer Overflow
by oveRet
Lifetype - SQL Injection
SQL injection vulnerability in index.php in LifeType 1.0.5 allows remote attackers to execute arbitrary SQL commands via the Date parameter in a Default op.
by Alejandro Ramos
Patrice Freydiere ImgSvr - DoS
Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463.
by n00b
Microsoft Excel - Universal Hlink Local Buffer Overflow
by SYS 49152
BXCP 0.3.0.4 - SQL Injection
SQL injection vulnerability in the files mod in index.php in BXCP 0.3.0.4 allows remote attackers to execute arbitrary SQL commands via the where parameter in a view action.
by x23
SturGeoN Upload - RCE
SturGeoN Upload allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension, then directly accessing the file. NOTE: It is uncertain whether this is a vulnerability or a feature of the product.
by Jihad BENABRA
Apple Mac OSX 10.4.6 (PPC) - 'launchd' Local Format String
by Kevin Finisterre
MKPortal 1.0.1 - 'index.php' Directory Traversal
by rUnViRuS
Apple Mac OSX 10.4.6 (x86) - 'launchd' Local Format String
by Kevin Finisterre
Microsoft Excel 2003 - Hlink Stack Buffer Overflow (SEH)
by FistFuXXer
Scout Portal Toolkit <1.4.0 - SQL Injection
SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
by simo64