Html Exploits
2,054 exploits tracked across all sources.
The Pacer Edition CMS 2.1 - 'email' Cross-Site Scripting
by LiquidWorm
Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute
by boahat
cPanel < 11.25 - Cross-Site Request Forgery (Add User PHP Script)
by ninjashell
Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' PHP Remote Code Execution
by AutoSec Tools
Ampache 3.5.4 - 'login.php' Cross-Site Scripting
by AutoSec Tools
VCalendar 1.1.5 - Cross-Site Request Forgery
by High-Tech Bridge SA
ICONICS BizViz <9.22, GENESIS32 <9.22 - RCE
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.
by sgb & bls
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
by outlaw.dll
Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH)
by LiquidWorm
Socialcms - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to my_admin/admin1_members.php or (2) modify the default site title via a save action to my_admin/admin1_configuration.php.
by vir0e5
docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
Allomani Web Links 1.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani Super MultiMedia Library 2.5.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani News 1.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani Movies Library 2.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
by AtT4CKxT3rR0r1ST
Allomani Audio and Video Library 2.7.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
Apple Safari <5.0 - Use After Free
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010.
by MJ Keith
Wellintech Kingview - Memory Corruption
Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method.
by Carlos Mario Penagos Hollmann
N-13 News 4.0 - Cross-Site Request Forgery (Add Admin)
by AtT4CKxT3rR0r1ST
By Source