Html Exploits
2,076 exploits tracked across all sources.
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities
by m3tamantra
WordPress Plugin Occasions 1.0.4 - Cross-Site Request Forgery
by m3tamantra
WordPress Plugin Occasions - Cross-Site Request Forgery
by m3tamantra
Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities
by Benjamin Kunz Mejri
Novell GroupWise <8.0.3-2012 - RCE/DoS
The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.
by High-Tech Bridge
Microsoft Internet Explorer 6-9 and 10 Consumer Preview - Remote Code Execution via Col Element Handling
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
by sickness
Samsung Kies < 2.5.0.12114_1 - Remote Code Execution via SyncService.dll PrepareSync Password Argument
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
by High-Tech Bridge
Bulb Security Smartphone Pentest Framework 0.1.2-0.1.4 - Remote Code Execution via Shell Metacharacters
Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.
by High-Tech Bridge
CVSS 9.8
Open-Realty 2.5.8 - Cross-Site Request Forgery
by Aung Khant
Aladdin Knowledge System Ltd - 'PrivAgent.ocx' ChooseFilePath Buffer Overflow
by b33f
WHMCompleteSolution (WHMCS) 4.5.2 - 'googlecheckout.php' SQL Injection
by Starware Security Team
WordPress Plugin Wordfence Security - Cross-Site Scripting
by MustLive
WordPress Plugin Sexy Add Template - Cross-Site Request Forgery
by the_cyber_nuxbie
WordPress Core 3.4.2 - Cross-Site Request Forgery
by AkaStep
IFOBS - 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
by MustLive
PrestaShop < 1.4.9.0 - Cross-Site Scripting via product[] Parameter in ajax.php
Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 allows remote attackers to inject arbitrary web script or HTML via the index of the product[] parameter to ajax.php.
by High-Tech Bridge
CVSS 6.1
Microsoft Indexing Service - 'ixsso.dll' ActiveX Control Denial of Service
by coolkaveh
SiNG cms - 'Password.php' Cross-Site Scripting
by LiquidWorm
By Source