CVE-2026-8500 Web::Passwd versions through 0.03 for Perl is vulnerable to RCE

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

[SECURITY] Fedora 43 Update: perl-CGI-Simple-1.282-1.fc43

Simple totally OO CGI interface that is CGI.pm compliant...

Fedora: Security Advisory (FEDORA-2025-47551b2aa2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-3dd97ed203)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : perl-CGI-Simple (2025-3dd97ed203)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3dd97ed203 advisory. 1.282 - Sanitize all user-supplied values before inserting into HTTP headers; Fixed CVE-2025-40927. Tenable has extracted the preceding description block...

Fedora 42 : perl-CGI-Simple (2025-47551b2aa2)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-47551b2aa2 advisory. 1.282 - Sanitize all user-supplied values before inserting into HTTP headers; Fixed CVE-2025-40927. Tenable has extracted the preceding description block...

OPENSUSE-SU-2025:15625-1 perl-CGI-Simple-1.282.0-1.1 on GA media

These are all security issues fixed in the perl-CGI-Simple-1.282.0-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2009-2560

Malware in sbrugna...

EUVD-2015-0881

Malware in sbrugna...

EUVD-2015-0878

Malware in sbrugna...

OPENSUSE-SU-2024:10545-1 perl-CGI-Simple-1.115-1.4 on GA media

These are all security issues fixed in the perl-CGI-Simple-1.115-1.4 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root

SpaceLogic.ps1 Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com https://www.se.com/ww/en/product/5200WHC2/home-controller-spacelogic-cbus-cbus-ip-free-standing-24v-dc/...

new packages: perl-CGI

An update is available for perl-CGI. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

Mageia: Security Advisory (MGASA-2017-0146)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0098)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HTTP Response Splitting

perl is vulnerable to HTTP response splitting. The vulnerability exists as it was found that the Perl CGI module used a hard-coded value for the MIME boundary string in multipart/x-mixed-replace content. A remote attacker could possibly use this flaw to conduct an HTTP response splitting attack v...

JVN#22536871: QQQ SYSTEMS vulnerable to arbitrary command injection

QQQ SYSTEMS provided by Gundam Cult QQQ is a perl CGI script to create quiz pages. QQQ SYSTEMS contains an OS command injection vulnerability CWE-78. Impact An attacker may execute an arbitrary OS command with the web server's execution privilege. Solution Consider stop using QQQ SYTEMS 2.24 Sinc...

Solaris 10 (sparc) : 141552-04

SunOS 5.10: Apache 2 modperl Perl cgi pat. Date this patch was last updated by Sun : Apr/20/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

MGASA-2017-0146 Updated perl-CGI-Emulate-PSGI packages fix security vulnerability

This update removes the setting of the HTTPPROXY environment value. This works around the httproxy vulnerability aka CVE-2016-5387...