Html Exploits
2,054 exploits tracked across all sources.
Arris TG1682G - Unauthenticated XSS
Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.
by Nu11By73
CVSS 6.1
PHP Server Monitor 3.1.1 - Cross-Site Request Forgery / Privilege Escalation
by hyp3rlinx
Dream CMS 2.3.0 - Cross-Site Request Forgery (Add Extension) / Arbitrary File Upload / PHP Code Execution
by LiquidWorm
Microsoft Internet Explorer 11 - Stack Underflow Crash (PoC)
by Mjx
Auto-exchanger - CSRF
Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger 5.1.0 allows remote attackers to hijack the authentication of users for requests that change a password via a request to signup.php.
by Aryan Bayaninejad
Creative-solutions Contact Form Generator < 2.0.1 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a form, (6) delete a form, (7) create a template, (8) update a template, (9) delete a template, or (10) conduct cross-site scripting (XSS) attacks via a crafted request to the cfg_forms page in wp-admin/admin.php.
by i0akiN SEC-LABORATORY
GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery / Command Execution
by Phan Thanh Duy
Pligg Cms - CSRF
Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via a request to admin/admin_users.php.
by Arash Khazaei
Microsoft Internet Explorer - Memory Corruption
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2442.
by Blue Frost Security GmbH
Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)
by LiquidWorm
McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free (PoC)
by Marcin Ressel
Digital River Esellerate SDK - Buffer Overflow
Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument.
by metacom
Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client Denial of Service (PoC)
by LiquidWorm
Microsoft Internet Explorer 11 - Crash (PoC) (2)
by Pawel Wylecial
1 Click Extract Audio 2.3.6 - Activex Buffer Overflow
by metacom
1 Click Audio Converter 2.3.6 - Activex Local Buffer Overflow
by metacom
Microsoft Internet Explorer 11 - Crash (PoC) (1)
by Garage4Hackers
ManageEngine EventLog Analyzer 10.0 Build 10001 - Cross-Site Request Forgery
by Akash S. Chavan
Samsung Ipolis Device Manager - Memory Corruption
Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function.
by Praveen Darshanam
Balero CMS 0.7.2 - Multiple JS/HTML Injection Vulnerabilities
by LiquidWorm
By Source