CVE-2002-0307

Directory traversal vulnerability in ans.pl in Avenger's News System ANS 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a .. dot dot in the p parameter, which reads the target file and attempts to execute the li...

SQL, PERL, HTML injection in IBM Informix Web DataBlade

There are multiple ways for SQL query modification and to execute user-supplied perl file...

qDefense Advisory: DCForum allows remote read/write/execute

qDefense Advisory Number QDAV-5-2000-1 Product: DCForum Vendor: DCScripts www.dcscripts.com Version Tested: DCForum 2000 1.0 Severity: Any remote attacker may gain read/write/execute privilleges Cause: Failure to validate input; Trust of hidden fields; Allows uploading of arbitrary files by defau...

Дырка в DCForum (file uploading, perl execution)

Можно загрузить и выполнить perl-приложение...

CVSWeb Developer CVSWeb 1.80 - Insecure Perl 'open' Code Execution

source: https://www.securityfocus.com/bid/1469/info Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machine. The code that is being exploited here is the following: open$f...