HTML Exploits
2,054 exploits tracked across all sources.
PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities
by Ali Raheem
Coppermine Photo Gallery <1.5.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
by waraxe
CubeCart 3.0.6 - Cross-Site Request Forgery (Add Admin)
by P0C T34M
Microsoft WMI Administrative Tools < 1.1 - Code Injection
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."
by WooYun
Microsoft WMI Administrative Tools < 1.1 - Code Injection
The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier allows remote attackers to execute arbitrary code via a crafted argument to the ReleaseContext method, a different vector than CVE-2010-3973, possibly an untrusted pointer dereference.
by WooYun
D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)
by outlaw.dll
SAP Crystal Reports - Memory Corruption
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
by Dr_IDE
Helix Server 14.0.1.571 - Administration Interface Cross-Site Request Forgery
by John Leitch
Microsoft Internet Explorer - Resource Management Error
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability."
by WooYun
Flash Player - 'Flash6.ocx' AllowScriptAccess Denial of Service (PoC)
by Dr_IDE
AVG Internet Security 2011 - Safe Search for IE Denial of Service
by Dr_IDE
PHPKF Forum 1.80 - 'profil_degistir.php' Cross-Site Request Forgery
by FreWaL
Viscom Image Viewer CP Pro/Gold <8.0-6.0 - Buffer Overflow
Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.
by Dr_IDE
J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow
by Dr_IDE
Diferior 8.03 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 allow remote attackers to inject arbitrary web script or HTML via the (1) post_content parameter to post/edit/2/p1.html, related to views/post.php; the (2) slogan parameter to admin/site/2.html, related to views/admin.php; or the (3) subcatname or (4) description parameter to admin/forum/create_sub.html, related to views/admin.php.
by High-Tech Bridge SA
Car Portal 2.0 - 'car_make' Cross-Site Scripting
by Underground Stockholm
Site2Nite Big Truck Broker - SQL Injection
SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter.
by underground-stockholm.com
Wolf CMS 0.6.0b - Multiple Vulnerabilities
by High-Tech Bridge SA
Frog CMS 0.9.5 - Multiple Vulnerabilities
by High-Tech Bridge SA