Html Exploits
2,054 exploits tracked across all sources.
osCommerce 3.0a5 - Local File Inclusion / HTML Injection
by Jordi Chancel
Webmoney Advisor - ActiveX Remote Denial of Service
by Go0o$E
Apple Safari 4.0.3/4.0.4 - Stack Exhaustion
by Fredrik Nordberg Almroth
Gpeasy Cms < 1.6.2 - CSRF
Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an Admin_Users action to index.php. NOTE: some of these details are obtained from third party information.
by Giuseppe 'giudinvx' D'Inverno
Apple Safari < 4.0.5 - Use After Free
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
by Dr_IDE
CVSS 8.8
Tr Forum 2.0 - Auth Bypass
Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via the login and password parameters to admin/insert_admin.php.
by EL-KAHINA
HP Operations Manager <8.16 - RCE
Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll.
by mr_me
Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal
by dookie
Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal
by dookie
Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal
by dookie
MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpGetReply Buffer Overflow
by s4squatch
MagnetoSoft ICMP 4.0.0.18 - ActiveX AddDestinationEntry Buffer Overflow
by s4squatch
MagnetoSoft SNTP 4.0.0.7 - ActiveX SntpSendRequest Crash (PoC)
by s4squatch
MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum Overwrite (SEH) (PoC)
by s4squatch
MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetSessionDel (PoC)
by s4squatch
MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetFileClose Overwrite (SEH) (PoC)
by s4squatch
MagnetoSoft NetworkResources - ActiveX NetConnectionEnum Overwrite (SEH) (PoC)
by s4squatch
MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer (PoC)
by s4squatch
Uiga Proxy - RCE
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content parameter.
by ITSecTeam
Prediction League 0.3.8 - Cross-Site Request Forgery (Add Admin)
by indoushka
Nodesforum <1.045 - RCE
Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and the (2) _nodesforum_code_path parameter to pre_output.php. NOTE: some of these details are obtained from third party information.
by ITSecTeam
By Source