HTML Exploits
2,054 exploits tracked across all sources.
Microsoft Internet Explorer 7 - Uninitialized Memory Corruption
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
by anonymous
Geovision Livex Activex Control - Path Traversal
Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods.
by Nine:Situations:Group
Symbian OS - DoS
The web browser in Symbian OS on the Nokia N95 cell phone allows remote attackers to cause a denial of service (crash) via JavaScript code that calls the setAttributeNode method.
by Juan Yacubian
Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities
by MurderSkillz
txtBB 1.0 RC3 - HTML/JS Injection / Arbitrary Add Admin Privileges
by cOndemned
MetaBBS 0.11 - Administration Settings Authentication Bypass
by make0day
Google Chrome 1.0.154.46 - '(ChromeHTML://)' Injection
by waraxe
WOW ActiveX 2 - RCE
Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via unspecified vectors, and (4) write to the registry via unspecified vectors. NOTE: vectors 1 and 2 can be used together to execute arbitrary code.
by Michael Brooks
Google Chrome 1.0.154.43 - CSRF
Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue, stating that "every sufficiently featured browser is and likely will remain susceptible to the behavior known as clickjacking," and adding that the exploit code "is not a valid demonstration of the issue."
by x0x
Microsoft Internet Explorer 7.0 - RCE
The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability.
by Juan Pablo Lopez Yacubian
NCTVideoStudio ActiveX DLLs 1.6 - Insecure Method File Creation
by Stack
FlexCell Grid Control <5.6.9 - RCE
Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) SaveFile and (2) ExportToXML methods.
by Houssamix
NCTVideoStudio ActiveX DLLs 1.6 - Remote Heap Overflow (PoC)
by Stack
MW6 Technologies Barcode <3.0.0.1 - Buffer Overflow
Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcode.dll) 3.0.0.1 allows remote attackers to execute arbitrary code via a long Supplement property.
by Houssamix
Mozilla Firefox <3.0.5 - XSS
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
by MrDoug
Max.Blog 1.0.6 - Info Disclosure
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request.
by SirGod
MetaProducts MetaTreeX 1.5.100 - ActiveX File Overwrite
by Houssamix
Ciansoft PDFBuilderX 2.2 - ActiveX Arbitrary File Overwrite
by Alfons Luja
EDraw Office Viewer 5.4 - 'HttpDownloadFile()' Insecure Method
by Cyber-Zone
EasyGrid ActiveX <3.51 - DoS
Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.
by Houssamix
Word Viewer OCX 3.2 - ActiveX 'Save' Remote File Overwrite
by Houssamix