Html Exploits
2,076 exploits tracked across all sources.
Mole Group Bus & Sky Hunter Airline Script - Unauthenticated Password Change via admin.php
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
by G4N0K
Chinagames iGame 2009 - Stack-Based Buffer Overflow via CreateChinagames Method
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information.
by etirah
Baofeng Storm < 3.09.04.17 - Remote Code Execution via Config.dll SetAttributeValue
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009.
by etirah
AOL IWinAmpActiveX Class - 'ConvertFile()' Remote Buffer Overflow
by rgod
Apple Safari < 4.0.2 - Cross-Site Scripting via Parent and Top Object Handling
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.
by Gareth Hayes
PHP Article Publisher - Remote Change Admin Password
by ahmadbady
Apple iPhone OS <2.2.1 - Info Disclosure
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.
by Collin Mulliner
Apple QuickTime 7.4.1 - Null Pointer Dereference Denial of Service
by Thierry Zoller
JRE 6 Update 13 - Remote Code Execution via Deployment Toolkit ActiveX Control Buffer Overflow
Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4) getStaticCLSID, or (5) launch method.
by shinnai
JRE 6 Update 13 - Remote Code Execution via Deployment Toolkit ActiveX Control
The Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allows remote attackers to (1) execute arbitrary code via a .jnlp URL in the argument to the launch method, and might allow remote attackers to launch JRE installation processes via the (2) installLatestJRE or (3) installJRE method.
by shinnai
Firefox < 3.0.10 - Denial of Service via Large GIF Image in BODY BACKGROUND Attribute
Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.
by Ahmad Muammar
Safari < 4.0 - Cross-Site Scripting via Event Handler
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via an event handler that triggers script execution in the context of the next loaded document.
by Michal Zalewski
Simple Customer 1.3 - Unauthenticated Admin Credential Change via profile.php
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote attackers to change the admin e-mail address and password via the email and password parameters.
by ahmadbady
Job Script Job Board Software 2.0 - Unauthenticated Administrator Password Change via Direct Request
admin/changepassword.php in Job Script Job Board Software 2.0 allows remote attackers to change the administrator password and gain administrator privileges via a direct request.
by TiGeR-Dz
MiniTwitter 0.2 - Command Injection
index.php in MiniTwitter 0.2 beta allows remote authenticated users to modify certain options of arbitrary accounts via an opt action.
by YEnH4ckEr
Baofeng Storm - Stack-based Buffer Overflow via OnBeforeVideoDownload Method
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.
by MITBOY
Google Chrome 1.0.154.53 - Denial of Service via Long Exception Value
Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value.
by Aditya K Sood
Symantec WinFax Pro 10.03 - Buffer Overflow
Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method.
by Nine:Situations:Group
VisionLms 1.0 - 'changePW.php' Remote Password Change
by Mr.tro0oqy
Teraway LinkTracker 1.0 - Remote Password Change
by ThE g0bL!N
Firefox 3.0.9 - Memory Corruption and Possible Remote Code Execution in nsTextFrame::ClearTextRun
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
by Marc Gueury
Absolute Form Processor XE-V 1.5 - Remote Change Password
by ThE g0bL!N