Html Exploits
2,054 exploits tracked across all sources.
SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)
by Avinash Thapa
Ultrabenosaurus ChatBoard - Cross-Site Request Forgery (Send Message)
by HaHwul
Viart Shopping Cart 5.0 - Cross-Site Request Forgery / Arbitrary File Upload
by Ali Ghanbari
Mobiketa 1.0 - Cross-Site Request Forgery (Add Admin)
by Murat Yilmazlar
miniMySQLAdmin 1.1.3 - Cross-Site Request Forgery (SQL Execution)
by HaHwul
Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin)
by Ali Ghanbari
ArticleSetup 1.00 - Cross-Site Request Forgery (Change Admin Password)
by Ali Ghanbari
Flatpress 1.0.3 - Cross-Site Request Forgery / Arbitrary File Upload
by LiquidWorm
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing
by liu zhu
EMC ViPR SRM <3.7 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators.
by Han Sahin
CVSS 8.8
Microsoft Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use-After-Free
by Marcin Ressel
Microsoft Internet Explorer <11 - Info Disclosure
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
by Ashfaq Ansari
Hikvision Digital Video Recorder - Cross-Site Request Forgery
by LiquidWorm
Microsoft Edge - Memory Corruption
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0112, and CVE-2016-0113.
by Google Security Research
CVSS 7.5
MOBOTIX Video Security Cameras - Cross-Site Request Forgery (Add Admin)
by LiquidWorm
Microsoft Internet Explorer - Memory Corruption
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114.
by Google Security Research
CVSS 7.5
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities
by Brandon Murphy
Microsoft Internet Explorer - Out-of-Bounds Write
JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory Corruption Vulnerability."
by checkpoint
CVSS 8.8
pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery
by Aatif Shahdad
Trend Micro Password Manager - Command Injection
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
by Google Security Research
CVSS 9.8
Microsoft Internet Explorer 11.0.9600.18124 EdUtil::GetCommonAncestorElement - Denial of Service
by Marcin Ressel
Microsoft Internet Explorer - Memory Corruption
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6162.
by Moritz Jodeit
Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR
by Marcin Ressel
By Source