Perl Exploits
2,854 exploits tracked across all sources.
Aztech ADSL DSL5018EN-DSL705EU - DoS
cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers to cause a denial of service (WAN connectivity reset) via a direct request.
by Federick Joe P Fajardo
CVSS 7.5
vBulletin 4.0.x < 4.1.2 - 'search.php?cat' SQL Injection
by D35m0nd142
Granding Grand Ma300 Firmware - Insufficiently Protected Credentials
Grand MA 300 allows a brute-force attack on the PIN.
by Eric Sesterhenn
CVSS 9.8
Granding Grand Ma300 Firmware - Cleartext Transmission
Grand MA 300 allows retrieval of the access PIN from sniffed data.
by Eric Sesterhenn
CVSS 7.5
Ubisoft Rayman Legends <1.3.140380 - Buffer Overflow
Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.140380 allows remote attackers to execute arbitrary code via a long string in the "second connection" to TCP port 1001.
by LiquidWorm
Alienvault Open Source Security Infor... - Code Injection
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) get_license, (2) get_log_line, or (3) update_system/upgrade_pro_web request, a different vulnerability than CVE-2014-3804.
by Alfredo Ramirez
CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (SEH Unicode)
by Mike Czumak
Nullsoft Winamp < 5.666 - Memory Corruption
Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.
by Aryan Bayaninejad
TFTPD32 4.5 / TFTPD64 4.5 - Denial of Service (PoC)
by Martinez FrostCard
Symantec Endpoint Protection Manager - Memory Corruption
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
by st3n
HP 9000 - Path Traversal
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
by @0x00string
BlazeDVD Pro Player 6.1 - Stack Buffer Overflow Jump ESP
by Deepak Rathore
MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service
by LiquidWorm
Mp3info - Buffer Overflow
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
by Ayman Sagy
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
by @0x00string
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Gabor Seljan
Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)
by Gabor Seljan
ImageMagick - Buffer Overflow
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
by Mike Czumak
CVSS 8.8
WHMCompleteSolution (WHMCS) 5.12 - 'cart.php' Denial of Service
by Amir
By Source