Html Exploits

2,054 exploits tracked across all sources.

CVE-2007-6262 EXPLOITDB html VERIFIED
VideoLAN VLC <0.8.6d - RCE
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."
by Ricardo Narvaja
CVE-2007-6240 EXPLOITDB html VERIFIED
Snitz Forums 2000 3.4.06 - SQL Injection
SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter.
by BugReport.IR
EIP-2026-103856 EXPLOITDB html VERIFIED
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filterings
by Carl Hardwick
CVE-2007-6704 EXPLOITDB html VERIFIED
F5 FirePass 4100 SSL VPN <6.0.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.
by Richard Brain
CVE-2007-6228 EXPLOITDB html VERIFIED
Yahoo! Toolbar 1.4.1 - Buffer Overflow
Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument to the c method.
by Elazar Broad
CVE-2007-6189 EXPLOITDB html VERIFIED
BitDefender Online Anti-Virus Scanner 8.0 - RCE
A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow.
by Nphinity
CVE-2007-6173 EXPLOITDB html VERIFIED
Liferay Enterprise Portal 4.3.1 - XSS
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of these details are obtained from third party information.
by Joshua Morin
EIP-2026-116162 EXPLOITDB html VERIFIED
RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow
by Elazar Broad
EIP-2026-116183 EXPLOITDB html VERIFIED
RichFX Basic Player 1.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities
by Elazar Broad
EIP-2026-100327 EXPLOITDB html VERIFIED
FooSun - 'Api_Response.asp' SQL Injection
by flyh4t
EIP-2026-114950 EXPLOITDB html VERIFIED
Aurigma Image Uploader 4.x - ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
by Elazar Broad
EIP-2026-112898 EXPLOITDB html VERIFIED
Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor Access
by D4m14n
EIP-2026-112850 EXPLOITDB html VERIFIED
Ucms 1.8 - Backdoor Remote Command Execution
by D4m14n
CVE-2007-6028 EXPLOITDB html VERIFIED
ComponentOne FlexGrid 7.1 Light - Buffer Overflow
Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the (1) Text, (2) EditSelText, (3) EditText, and (4) CellFontName property values.
by Elazar Broad
CVE-2007-6005 EXPLOITDB html VERIFIED
WebEx GpcContainer.GpcContainer.1 - DoS
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argument to the InitParam method or (2) an unspecified vector involving the SetParam method.
by Elazar Broad
EIP-2026-115741 EXPLOITDB html VERIFIED
Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service
by Elazar Broad
EIP-2026-115659 EXPLOITDB html VERIFIED
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service
by Elazar Broad
CVE-2007-3694 EXPLOITDB html VERIFIED
Getmiro Broadcast Machine - XSS
Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
by Hanno Boeck
CVE-2007-5941 EXPLOITDB html VERIFIED
Adobe Shockwave - Buffer Overflow
Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method.
by Elazar
CVE-2007-5911 EXPLOITDB html VERIFIED
Viewpoint Media Player - Memory Corruption
Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source, or (10) XMLText method.
by shinnai
CVE-2007-5918 EXPLOITDB html VERIFIED
MS TopSites - CSRF
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an arbitrary user via a modified uname value in an edit action to modules.php.
by 0x90
EIP-2026-101185 EXPLOITDB html VERIFIED
BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass
by David Smith
CVE-2007-5826 EXPLOITDB html VERIFIED
EDraw Flowchart ActiveX <2.0.2005.1104 - Path Traversal
Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420.
by shinnai
CVE-2007-5603 EXPLOITDB html VERIFIED
Sonicwall SSL VPN < 2.1 - Memory Corruption
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
by krafty
CVE-2007-5752 EXPLOITDB html VERIFIED
Agtc Websolutions Php-agtc Membership System - Authentication Bypass
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
by 0x90