Perl Exploits

2,849 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102955 EXPLOITDB perl VERIFIED
PostScript Utilities - 'psnup' Local Buffer Overflow
by lammat
EIP-2026-116072 EXPLOITDB perl VERIFIED
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Vulnerabilities
by ports
CVE-2005-0788 EXPLOITDB perl VERIFIED
LimeWire 4.1.2-4.5.6 - Arbitrary File Read via Gnutella GET Request
LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full pathname in a Gnutella GET request.
by lammat
EIP-2026-103472 EXPLOITDB perl VERIFIED
Freeciv Server 2.0.0beta8 - Denial of Service
by Nico Spicher
CVE-2005-0385 EXPLOITDB perl VERIFIED
luxman < 0.41 - Buffer Overflow via Long Command Line Argument
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
by Kevin Finisterre
CVE-2005-0691 EXPLOITDB perl VERIFIED
SocialMPN modules.php - Remote File Inclusion Code Execution
PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code.
by y3dips
CVE-2005-0709 EXPLOITDB perl VERIFIED
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10 - Authenticated Remote Code Execution via CREATE FUNCTION
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
by Stefano Di Paola
CVE-2005-0779 EXPLOITDB perl VERIFIED
PlatinumFTP 1.0.18 - Denial of Service via Backslash in Username
PlatinumFTP 1.0.18, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via multiple connection attempts with a \ (backslash) in the username.
by ports
EIP-2026-112418 EXPLOITDB perl VERIFIED
Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion
by mozako
CVE-2004-0942 EXPLOITDB perl VERIFIED
Apache HTTP Server < 2.0.52 - Denial of Service via MIME Header with Excessive Spaces
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
by GreenwooD
EIP-2026-110967 EXPLOITDB perl VERIFIED
phpBB 2.0.x - Authentication Bypass (2)
by phuket
CVE-2004-0465 EXPLOITDB perl VERIFIED
WebConnect <6.5-6.4.4 - Path Traversal
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
by karak0rsan
CVE-2005-0436 EXPLOITDB perl VERIFIED
AWStats 6.3-6.4 - Remote Code Execution via PluginMode Parameter
Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter.
by GHC
EIP-2026-104590 EXPLOITDB perl VERIFIED
Apple Mac OSX Adobe Version Cue - Local Privilege Escalation
by 0xdeadbabe
CVE-2005-0342 EXPLOITDB perl VERIFIED
Mac OS X - Arbitrary File Overwrite and Privilege Escalation via .DS_Store Hard Link
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
by vade79
CVE-2005-3533 EXPLOITDB perl VERIFIED
osh < 1.7.14 - Buffer Overflow via Long Working Directory and Filename
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename.
by Charles Stevenson
CVE-2005-0343 EXPLOITDB perl VERIFIED
PerlDesk 1.x - SQL Injection via View Parameter
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter.
by deluxe89
CVE-2005-0338 EXPLOITDB perl VERIFIED
Savant Web Server 3.1 - Remote Code Execution via Long HTTP Request
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
by CorryL
EIP-2026-109172 EXPLOITDB perl VERIFIED
LiteForum 2.1.1 - SQL Injection
by RusH
EIP-2026-116411 EXPLOITDB perl VERIFIED
TinyWeb 1.9 - Denial of Service
by karak0rsan
EIP-2026-103461 EXPLOITDB perl VERIFIED
Eternal Lines Web Server 1.0 - Remote Denial of Service
by Ziv Kamir
CVE-2005-0312 EXPLOITDB perl VERIFIED
WarFTPD 1.82 RC9 - Authenticated Denial of Service via CWD Command
WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability.
by MC.Iglo
EIP-2026-112192 EXPLOITDB perl VERIFIED
Siteman 1.1.10 - Remote Administrative Account Addition
by Noam Rathaus
CVE-2005-0116 EXPLOITDB perl VERIFIED
awstats < 6.3 - Remote Code Execution via configdir Parameter
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
by GHC
CVE-2005-0566 EXPLOITDB perl VERIFIED
Golden FTP Server Pro 2.x - Remote Code Execution via RNTO Command Buffer Overflow
Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.
by Barabas
By Source
All 2,849 Writeup 62,478 Exploitdb 50,076 Nomisec 22,448 Github 3,670 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,594 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25