Perl Exploits
2,854 exploits tracked across all sources.
Invision Power Services Invision Board - SQL Injection
SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter.
by RusH
Digital Mappings Systems Pop3 Server - Buffer Overflow
Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password.
by Reed Arvin
TWiki 20030201 - Command Injection
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
by RoMaNSoFt
phpBB - RCE
PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.
by Jerome Athias
Secure Network Messenger 1.4.2 - Denial of Service
by ClearScreen
UBBCentral UBB.Threads 6.2.x < 6.3x - One Char Brute Force
by RusH
Ipswitch Imail - Buffer Overflow
Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command.
by Zatlander
SecureAction Research Secure Network Messenger 1.4.x - Remote Denial of Service
by Luigi Auriemma
Pablo Software Solutions Quick N Easy FTP Server - Buffer Overflow
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.
by KaGra
BaSoMail Server 1.24 - POP3/SMTP Remote Denial of Service
by KaGra
IIS 5.0-6.0 - DoS
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes.
by Amit Klein
Saleslogix - Path Traversal
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
by Carl Livitt
Saleslogix - Path Traversal
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
by Carl Livitt
Microsoft Windows NT Server <4.0-2003 - RCE
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
by Lucas Lavarello
Ipswitch WhatsUp Gold <8.03.1 - RCE
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
by LoWNOISE
Emulive Server4 - Denial of Service
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66.
by GulfTech Security
Francisco Burzi Php-nuke - SQL Injection
SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter.
by iko94
htpasswd Apache 1.3.31 - Local Overflow
by Luiz Fernando Camargo
Ipswitch WhatsUp Gold 7.0/8.0 - Notification Instance Name Remote Buffer Overflow
by anonymous
EFS Software Efs Web Server - Denial of Service
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests.
by GulfTech Security
Working Resources. Badblue - Denial of Service
BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.
by GulfTech Security
PHPMyWebHosting <0.3.4 - SQL Injection
SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter.
by Noam Rathaus
By Source