HTML Exploits

2,054 exploits tracked across all sources.

EIP-2026-105578 EXPLOITDB html VERIFIED
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities
by Milos Zivanovic
EIP-2026-105577 EXPLOITDB html VERIFIED
BOLDfx eUploader 3.1.1 - 'admin.php' Multiple Remote Vulnerabilities
by Milos Zivanovic
EIP-2026-119109 EXPLOITDB html VERIFIED
SAP GUI for Windows - 'sapirrfc.dll' ActiveX Overflow
by Abysssec
CVE-2009-4219 EXPLOITDB html VERIFIED
MyActiveX <1.4.8.0 - Buffer Overflow
Stack-based buffer overflow in the MYACTIVEX.MyActiveXCtrl.1 ActiveX control in MyActiveX.ocx 1.4.8.0 in Haihaisoft Universal Player allows remote attackers to execute arbitrary code via a long URL property value. NOTE: some of these details are obtained from third party information.
by shinnai
EIP-2026-113751 EXPLOITDB html VERIFIED
WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)
by MustLive
EIP-2026-113776 EXPLOITDB html VERIFIED
WordPress Plugin Fuctweb CapCC 1.0 CAPTCHA - Security Bypass
by MustLive
EIP-2026-118496 EXPLOITDB html VERIFIED
EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow
by Will Dormann
CVE-2009-3382 EXPLOITDB html VERIFIED
Mozilla Firefox - Denial of Service
layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
by Carsten Book
CVE-2009-4743 EXPLOITDB html VERIFIED
AfterLogic WebMail Pro <4.7.10 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters.
by Sébastien Duquette
CVE-2009-3573 EXPLOITDB html VERIFIED
EMC Captiva PixTools Distributed Imaging <2.2 - File Creation/Overw...
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.
by Giuseppe Fuggiano
EIP-2026-119004 EXPLOITDB html VERIFIED
Oracle - Document Capture BlackIce DEVMODE
by pyrokinesis
CVE-2009-3518 EXPLOITDB html VERIFIED
IBM Installation Manager < 1.3.2 - Code Injection
Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.
by bruiser
EIP-2026-118514 EXPLOITDB html VERIFIED
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApplicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Overflow
by pyrokinesis
CVE-2009-3693 EXPLOITDB html VERIFIED
Persits Xupload - Path Traversal
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
by pyrokinesis
EIP-2026-115534 EXPLOITDB html VERIFIED
Kylinsoft InstantGet 2.08 - ActiveX Control 'ShowBar' Method Buffer Overflow
by the_Edit0r
EIP-2026-119073 EXPLOITDB html VERIFIED
Quiksoft EasyMail 6.0.3.0 - IMAP 'connect()' ActiveX Buffer Overflow
by Sebastian Wolfgarten
CVE-2009-4663 EXPLOITDB html VERIFIED
Quiksoft EasyMail Objects 6 - Buffer Overflow
Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method.
by bmgsec
EIP-2026-115962 EXPLOITDB html VERIFIED
Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)
by Francis Provencher
EIP-2026-115198 EXPLOITDB html VERIFIED
EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution
by Francis Provencher
EIP-2026-114915 EXPLOITDB html VERIFIED
Apple iPhone 2.2.1/3.x - MobileSafari Crash + Reboot (Denial of Service)
by TheLeader
CVE-2009-2966 EXPLOITDB html VERIFIED
Kaspersky Anti-virus - Resource Management Error
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
by Prakhar Prasad
EIP-2026-115945 EXPLOITDB html VERIFIED
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
by Francis Provencher
EIP-2026-104526 EXPLOITDB html VERIFIED
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
by Francis Provencher
EIP-2026-104525 EXPLOITDB html VERIFIED
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
by Francis Provencher
CVE-2009-3019 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Code Injection
Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet Explorer 7 on Vista, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls createElement to create an instance of the LI element, and then calls setAttribute to set the value attribute.
by Irfan Asrar