Perl Exploits

2,854 exploits tracked across all sources.

Sort: Activity Stars
CVE-2005-1787 EXPLOITDB perl VERIFIED
Phpstat - Improper Input Validation
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
by Alpha_Programmer
CVE-2005-1598 EXPLOITDB perl VERIFIED
Invision Power Services Invision Board - SQL Injection
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
by Petey Beege
CVE-2005-1779 EXPLOITDB perl VERIFIED
Maxwebportal - SQL Injection
SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.
by Alpha_Programmer
EIP-2026-111410 EXPLOITDB perl VERIFIED
PortailPHP 1.3 - 'ID' SQL Injection
by CENSORED Search Vulnerabilities
EIP-2026-113458 EXPLOITDB perl VERIFIED
Woltlab Burning Board 2.3.1 - 'register.php' SQL Injection
by deluxe89
CVE-2005-1628 EXPLOITDB perl VERIFIED
Web-app.org Webapp - Improper Input Validation
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
by Alpha_Programmer
EIP-2026-114648 EXPLOITDB perl VERIFIED
ZPanel 2.5b10 - SQL Injection
by RusH
CVE-2005-1629 EXPLOITDB perl VERIFIED
Photopost Php Pro - SQL Injection
SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter.
by basher13
CVE-2004-2275 EXPLOITDB perl VERIFIED
I-Mall Commerce - RCE
i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter.
by Jerome Athias
CVE-2005-1396 EXPLOITDB perl VERIFIED
Ce/Ceterm <2.5.4 - Local Privilege Escalation
Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.
by Kevin Finisterre
EIP-2026-115335 EXPLOITDB perl VERIFIED
Golden FTP Server Pro 2.52 - 'USER' Remote Buffer Overflow
by Reed Arvin
CVE-2005-1349 EXPLOITDB perl VERIFIED
Convert-UUlib <1.051 - RCE
Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation.
by CorryL
CVE-2005-1348 EXPLOITDB perl VERIFIED
MailEnable <1.04 - RCE
Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.
by CorryL
CVE-2005-1289 EXPLOITDB perl VERIFIED
E-Cart 2004 <1.1 - RCE
index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and possibly (2) cat parameters.
by z
CVE-2005-0560 EXPLOITDB perl VERIFIED
Microsoft Exchange Server - Out-of-Bounds Write
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
by Evgeny Pinchuk
CVE-2005-1134 EXPLOITDB perl VERIFIED
Serendipity <0.8 - SQL Injection
SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters.
by kre0n
CVE-2005-0048 EXPLOITDB perl VERIFIED
Microsoft Windows 2000 - Denial of Service
Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability."
by Song Liu
CVE-2005-0404 EXPLOITDB perl VERIFIED
KDE 3.3.2 - Info Disclosure
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
by Noam Rathaus
CVE-2005-0689 EXPLOITDB perl VERIFIED
The Includer - Command Injection
includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter.
by K-C0d3r
CVE-2005-0689 EXPLOITDB perl VERIFIED
The Includer - Command Injection
includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter.
by GreenwooD
CVE-2005-1013 EXPLOITDB perl VERIFIED
MailEnable <1.04 - DoS
The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string.
by CorryL
CVE-2005-1019 EXPLOITDB perl VERIFIED
Aeon <0.2a - Privilege Escalation
Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable.
by lammat
EIP-2026-110946 EXPLOITDB perl VERIFIED
phpBB 2.0.13 - 'Calendar Pro' mod Get Hash
by CereBrums
EIP-2026-110947 EXPLOITDB perl VERIFIED
phpBB 2.0.13 - 'downloads.php' mod Get Hash
by CereBrums
EIP-2026-111581 EXPLOITDB perl VERIFIED
PunBB 1.2.2 - Authentication Bypass
by RusH
By Source
All 2,854 Exploitdb 50,123 Writeup 46,867 Nomisec 21,211 Metasploit 3,189 Github 2,293 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,343 ruby 5,920 python 5,760 c 3,551 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 42 postscript 25 xml 24