Perl Exploits

2,849 exploits tracked across all sources.

EIP-2026-116227 EXPLOITDB perl VERIFIED
Secure Network Messenger 1.4.2 - Denial of Service
by ClearScreen
EIP-2026-112846 EXPLOITDB perl VERIFIED
UBBCentral UBB.Threads 6.2.x < 6.3x - One Char Brute Force
by RusH
CVE-2004-1520 EXPLOITDB perl VERIFIED
IPSwitch IMail 8.13 - Authenticated Stack-Based Buffer Overflow via IMAP DELETE Command
Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command.
by Zatlander
EIP-2026-116228 EXPLOITDB perl VERIFIED
SecureAction Research Secure Network Messenger 1.4.x - Remote Denial of Service
by Luigi Auriemma
EIP-2026-116552 EXPLOITDB perl VERIFIED
WinFTP Server 1.6 - Denial of Service
by KaGra
CVE-2006-2027 EXPLOITDB perl VERIFIED
Quick 'n Easy FTP Server Professional and Lite - Authenticated Buffer Overflow in Logging Functionality
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.
by KaGra
EIP-2026-114983 EXPLOITDB perl VERIFIED
BaSoMail Server 1.24 - POP3/SMTP Remote Denial of Service
by KaGra
CVE-2003-0718 EXPLOITDB perl VERIFIED
Internet Information Services 5.0-6.0 - Denial of Service via WebDAV PROPFIND XML Attribute Flood
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes.
by Amit Klein
CVE-2004-1612 EXPLOITDB perl VERIFIED
SalesLogix 6.1 - Directory Traversal and Arbitrary File Upload via ProcessQueueFile Request
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
by Carl Livitt
CVE-2004-1612 EXPLOITDB perl VERIFIED
SalesLogix 6.1 - Directory Traversal and Arbitrary File Upload via ProcessQueueFile Request
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
by Carl Livitt
CVE-2004-0574 EXPLOITDB perl VERIFIED
Microsoft Windows NT Server <4.0-2003 - RCE
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
by Lucas Lavarello
EIP-2026-118522 EXPLOITDB perl VERIFIED
Eudora 6.2.0.7 - Attachment Spoofer
by Paul Szabo
CVE-2004-0798 EXPLOITDB perl VERIFIED
Ipswitch WhatsUp Gold <8.03.1 - RCE
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
by LoWNOISE
CVE-2004-1696 EXPLOITDB perl VERIFIED
EmuLive Server4 Commerce Edition Build 7560 - Denial of Service via Carriage Return Sequence to TCP Port 66
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66.
by GulfTech Security
CVE-2004-1932 EXPLOITDB perl VERIFIED
PHP-Nuke 6.x-7.2 - SQL Injection via Admin Parameter
SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter.
by iko94
EIP-2026-102873 EXPLOITDB perl VERIFIED
htpasswd Apache 1.3.31 - Local Overflow
by Luiz Fernando Camargo
EIP-2026-118699 EXPLOITDB perl VERIFIED
Ipswitch WhatsUp Gold 7.0/8.0 - Notification Instance Name Remote Buffer Overflow
by anonymous
CVE-2004-1744 EXPLOITDB perl VERIFIED
efs_web_server 1.25 - Denial of Service via Large HTTP Requests
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests.
by GulfTech Security
CVE-2004-1727 EXPLOITDB perl VERIFIED
BadBlue 2.5 - Denial of Service via Excessive Connections
BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.
by GulfTech Security
CVE-2004-2218 EXPLOITDB perl VERIFIED
PHPMyWebHosting <0.3.4 - SQL Injection
SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter.
by Noam Rathaus
CVE-2004-2263 EXPLOITDB perl VERIFIED
PlaySMS 0.7 and earlier - SQL Injection via vc2 Cookie
SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie.
by Noam Rathaus
CVE-2004-0430 EXPLOITDB perl VERIFIED
AppleFileServer <10.3.3 - Buffer Overflow
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.
by Dino Dai Zovi
CVE-2004-1439 EXPLOITDB perl VERIFIED
BlackJumboDog 3.x - Remote Code Execution via Long FTP Commands
Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR, (4) CWD, (5) XMKD, and (6) XRMD.
by Tal Zeltzer
CVE-2004-0557 EXPLOITDB perl VERIFIED
SoX 12.17.2-12.17.4 - Remote Code Execution via WAV File Header Fields
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
by Serkan Akpolat
CVE-2004-0728 EXPLOITDB perl VERIFIED
Microsoft Systems Management Server 2.50.2726.0 - Denial of Service via Malformed TCP Packet to Port 2702
The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that causes the server to read or write to an invalid memory address.
by MacDefender