Perl Exploits
2,854 exploits tracked across all sources.
SPECTral Personal SMTP Server 0.4.2 - Denial of Service
by GreenwooD
Class-1 Forum - SQL Injection
Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or the (3) id or (4) forum parameter to viewforum.php.
by basher13
Code Ocean Ocean FTP Server - Denial of Service
Code Ocean FTP server 1.0 allows remote attackers to cause a denial of service via a large number of connections.
by GSS IT
MCPWS Personal WebServer 1.3.21 - Denial of Service
by Nico Spicher
phpBB 2.0.12 - Privilege Escalation
sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie.
by Kutas
PostScript Utilities - 'psnup' Local Buffer Overflow
by lammat
PlatinumFTP 1.0.18 - Multiple Remote Denial of Service Vulnerabilities
by ports
LimeWire <4.5.6 - Info Disclosure
LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full pathname in a Gnutella GET request.
by lammat
Freeciv Server 2.0.0beta8 - Denial of Service
by Nico Spicher
Frank Mcingvale Luxman - Buffer Overflow
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
by Kevin Finisterre
PHP - RCE
PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code.
by y3dips
Mysql - Code Injection
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
by Stefano Di Paola
Platinumftpserver - Denial of Service
PlatinumFTP 1.0.18, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via multiple connection attempts with a \ (backslash) in the username.
by ports
Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion
by mozako
Apache webserver <2.0.52 - DoS
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
by GreenwooD
WebConnect <6.5-6.4.4 - Path Traversal
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
by karak0rsan
AWStats 6.3-6.4 - Code Injection
Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter.
by GHC
Apple Mac OSX Adobe Version Cue - Local Privilege Escalation
by 0xdeadbabe
Mac OS X - Privilege Escalation
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
by vade79
Osh < 1.7.14 - Buffer Overflow
Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename.
by Charles Stevenson
Logicnow Perldesk - SQL Injection
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter.
by deluxe89
Savant Webserver - Buffer Overflow
Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request.
by CorryL
By Source