Perl Exploits
2,849 exploits tracked across all sources.
Blue Coat Systems Inc. WinProxy <6.1a - DoS
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
by FistFuXXer
FlatCMS 1.01 - 'file_editor.php' Remote Command Execution
by cijfer
Valdersoft Shopping Cart 3.0 - Remote File Inclusion via catalogDocumentRoot Parameter
PHP remote file include vulnerability in (1) include/templates/categories/default.php and (2) certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter.
by cijfer
CuteNews 1.4.1 - 'categories.mdu' Remote Command Execution
by cijfer
aMSN - Denial of Service via Crafted File-Transfer Data
aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).
by Braulio Miguel Suarez Urquijo
CubeCart - Remote Code Execution via glob[rootDir] Parameter
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the glob[rootDir] parameter.
by cijfer
PHP-Fusion <6.00.300 - SQL Injection
SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
by krasza
Interaction SIP Proxy <3.0.011 - Buffer Overflow
Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters.
by Behrang Fouladi
Microsoft Internet Information Services 5.1 - Remote Code Execution via DLL URL Parser
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
by kokanin
Mercury Mail Transport System <4.01b - RCE
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
by kingcope
Watchfire AppScan QA 5.0.609 and 5.0.134 - Remote Code Execution via Long Realm Field in WWW-Authenticate Header
Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long Realm field.
by Mariano Nuñez
AppServ Open Project 2.5.3 - Denial of Service via Large HTTP Request
AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request.
by Rozor
Horde IMP <= 4.0.4 - Cross-Site Scripting via UTF16 Null Character Handling
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters.
by SEC Consult
sobexsrv < 1.0.0_pre3 - Remote Code Execution via Format String in OBEX File Name
Format string vulnerability in the dosyslog function in the OBEX server (obexsrv.c) for Sobexsrv before 1.0.0-pre4, when the syslog (-S) function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands.
by Kevin Finisterre
unalz - Buffer Overflow via Long File Names in ALZ Archives
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.
by Ulf Harnhammar
Cisco PIX 6.3 and 7.0 - Denial of Service via Spoofed TCP Packets
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
by Janis Vizulis
Cisco PIX 6.3 and 7.0 - Denial of Service via Spoofed TCP Packets
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
by Janis Vizulis
Floosietek FTGate 4.1 - Remote Code Execution via Long IMAP Command Arguments
Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command.
by Luca Ercoli
phpwebthings 1.4 - SQL Injection via Forum Message Parameter
SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows remote attackers to execute arbitrary SQL commands via the msg parameter, a different vulnerability than CVE-2005-3585.
by AhLam
PHP-Nuke 7.8 - SQL Injection via Search Module Query Parameter
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type.
by anonymous
Wizz Forum 1.20 - SQL Injection via AuthID TopicID Parameters
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
by HACKERS PAL
Cyphor < 0.19 - SQL Injection via show.php id Parameter
SQL injection vulnerability in show.php in Cyphor 0.19 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
by HACKERS PAL
VERITAS Cluster Server for UNIX < 4.0MP2 - Local Buffer Overflow via VCSI18N_LANG Environment Variable
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
by Kevin Finisterre
gpsdrive < 2.09 - Remote Code Execution via Format String in Friendsd2 Direction Field
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
by Kevin Finisterre
By Source