Html Exploits
2,054 exploits tracked across all sources.
Cisco Linksys WAG120N - Cross-Site Request Forgery
by Khashayar Fereidani
Edraw Office Viewer Component 7.4 - ActiveX Stack Buffer Overflow
by Alexander Gavrun
AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow
by Carlos Mario Penagos Hollmann
AoA DVD Creator 2.5 - ActiveX Stack Overflow
by Carlos Mario Penagos Hollmann
Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service
by Carlos Mario Penagos Hollmann
vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities
by MaXe
Google Chrome 8.0.552.237 - replace Denial of Service
by Carlos Mario Penagos Hollmann
Phplinkdirectory Php Link Directory - CSRF
Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action.
by AtT4CKxT3rR0r1ST
Novell Iprint Client - Memory Corruption
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.
by Dr_IDE
Google Chrome 8.0.552.237 - address Overflow Denial of Service
by Vuk Ivanovic
Network-13 N-13 News - CSRF
Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new users via the options action. NOTE: some of these details are obtained from third party information.
by anT!-Tr0J4n
Smoothwall - XSS
Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action.
by dave b
Smoothwall < 3.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in the web management interface in httpd/cgi-bin/shutdown.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to cgi-bin/shutdown.cgi.
by dave b
Realnetworks Realplayer - Code Injection
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."
by Sean de Regge
Microsoft Data Access Components (MDAC) <2.8 SP1 & WDAC 6.0 - RCE
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
by Peter Vreugdenhil
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities
by wsn1983
S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)
by pentesters.ir
YourTube 1.0 - Cross-Site Request Forgery (Add User)
by AtT4CKxT3rR0r1ST
HP Photo Creative 2.x audio.Record.1 - ActiveX Control Remote Stack Buffer Overflow
by rgod
Chilkat Software FTP2 - ActiveX Component Remote Code Execution
by rgod
By Source