Html Exploits
2,054 exploits tracked across all sources.
PowerPoint Viewer OCX 3.1 - Remote Command Execution
by Cyber-Zone
Office Viewer ActiveX Control 3.0.1 - Remote Command Execution
by Houssamix
Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite
by Houssamix
ExcelOCX ActiveX 3.2 - Download File Insecure Method
by Alfons Luja
Comersus Cart 6 - User Email and User Password Unauthorized Access
by ajann
Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service
by Skylined
Apple Safari - Memory Corruption
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307.
by Skylined
Megacubo - Code Injection
Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI.
by JJunior
Megacubo - Code Injection
Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI.
by Nine:Situations:Group
Saschart Sascam Webcam Server - Memory Corruption
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods.
by callAX
Chilkat Mail <7.8 - File Overwrite
Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.
by callAX
Google Chrome <1.0.154.36 - Command Injection
Argument injection vulnerability in Google Chrome 1.0.154.36 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI. NOTE: a third party disputes this issue, stating that Chrome "will ask for user permission" and "cannot launch the applet even [if] you have given out the permission.
by Nine:Situations:Group
Microsoft Internet Explorer 8 beta 2 - Command Injection
Argument injection vulnerability in Microsoft Internet Explorer 8 beta 2 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI.
by Nine:Situations:Group
Phoenician Casino FlashAX <1.0.0.7 - Buffer Overflow
Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method.
by e.wiZz!
Microsoft Internet Explorer - Resource Management Error
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008.
by krafty
Microsoft Internet Explorer 7.0 - Info Disclosure
Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a "0day Vulnerability."
by krafty
EvansFTP - 'EvansFTP.ocx' Remote Buffer Overflow (PoC)
by Bl@ckbe@rD
WordPress Plugin Fuctweb CapCC 1.0 - 'plugins.php' SQL Injection
by MustLive
Microsoft Internet Explorer - Resource Management Error
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008.
by muts
Quiksoft Easymail Mailstore Object - Memory Corruption
Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.
by e.wiZz!
Dd-wrt - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters. NOTE: This issue reportedly exists because of a "weak ... anti-CSRF fix" implemented in 24 sp2.
by Michael Brooks
Visagesoft Expert Pdf Editorx - Access Control
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.
by Marco Torti
Google Chrome - MetaCharacter URI Obfuscation
by Aditya K Sood
By Source