Html Exploits

2,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103856 EXPLOITDB html VERIFIED
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filterings
by Carl Hardwick
CVE-2007-6704 EXPLOITDB html VERIFIED
F5 FirePass 4100 SSL VPN <6.0.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.
by Richard Brain
CVE-2007-6228 EXPLOITDB html VERIFIED
Yahoo! Toolbar 1.4.1 - Buffer Overflow
Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument to the c method.
by Elazar Broad
CVE-2007-6189 EXPLOITDB html VERIFIED
BitDefender Online Anti-Virus Scanner 8.0 - RCE
A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow.
by Nphinity
CVE-2007-6173 EXPLOITDB html VERIFIED
Liferay Enterprise Portal 4.3.1 - XSS
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of these details are obtained from third party information.
by Joshua Morin
EIP-2026-116162 EXPLOITDB html VERIFIED
RealMedia RealPlayer 10.5/11 - 'ierpplug.dll' PlayerProperty ActiveX Control Buffer Overflow
by Elazar Broad
EIP-2026-116183 EXPLOITDB html VERIFIED
RichFX Basic Player 1.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities
by Elazar Broad
EIP-2026-100327 EXPLOITDB html VERIFIED
FooSun - 'Api_Response.asp' SQL Injection
by flyh4t
EIP-2026-114950 EXPLOITDB html VERIFIED
Aurigma Image Uploader 4.x - ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
by Elazar Broad
EIP-2026-112898 EXPLOITDB html VERIFIED
Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor Access
by D4m14n
EIP-2026-112850 EXPLOITDB html VERIFIED
Ucms 1.8 - Backdoor Remote Command Execution
by D4m14n
CVE-2007-6028 EXPLOITDB html VERIFIED
ComponentOne FlexGrid 7.1 Light - Buffer Overflow
Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne FlexGrid 7.1 Light allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long string in the (1) Text, (2) EditSelText, (3) EditText, and (4) CellFontName property values.
by Elazar Broad
CVE-2007-6005 EXPLOITDB html VERIFIED
WebEx GpcContainer.GpcContainer.1 - DoS
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argument to the InitParam method or (2) an unspecified vector involving the SetParam method.
by Elazar Broad
EIP-2026-115741 EXPLOITDB html VERIFIED
Microsoft Office 2003 - Web Component Memory Access Violation Denial of Service
by Elazar Broad
EIP-2026-115659 EXPLOITDB html VERIFIED
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service
by Elazar Broad
CVE-2007-3694 EXPLOITDB html VERIFIED
Broadcast Machine 0.9.9.9 - Cross-Site Scripting via Username Parameter
Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
by Hanno Boeck
CVE-2007-5941 EXPLOITDB html VERIFIED
Adobe Shockwave Player - Stack-based Buffer Overflow via ShockwaveVersion Method
Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method.
by Elazar
CVE-2007-5911 EXPLOITDB html VERIFIED
Viewpoint Media Player 3.2 - Remote Code Execution via AxMetaStream ActiveX Control Buffer Overflow
Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source, or (10) XMLText method.
by shinnai
CVE-2007-5918 EXPLOITDB html VERIFIED
MS TopSites - Authenticated Cross-Site Request Forgery via uname Parameter
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an arbitrary user via a modified uname value in an edit action to modules.php.
by 0x90
EIP-2026-101185 EXPLOITDB html VERIFIED
BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass
by David Smith
CVE-2007-5826 EXPLOITDB html VERIFIED
EDraw Flowchart ActiveX <2.0.2005.1104 - Path Traversal
Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420.
by shinnai
CVE-2007-5603 EXPLOITDB html VERIFIED
SonicWall SSL-VPN < 2.1 - Stack-Based Buffer Overflow via NetExtender NELaunchCtrl AddRouteEntry Method
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method.
by krafty
CVE-2007-5752 EXPLOITDB html VERIFIED
PHP-AGTC Membership System 1.1a - Unauthenticated Account Creation via adduser.php
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
by 0x90
CVE-2007-5779 EXPLOITDB html VERIFIED
GOM Player 2.1.6.3499 - Buffer Overflow via GomWeb Control OpenUrl Method
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.
by rgod
CVE-2007-5722 EXPLOITDB html VERIFIED
GlobalLink 2.7.0.8 - Stack-Based Buffer Overflow via GLChat.ocx ConnectAndEnterRoom Method
Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.8, as used in Ourgame GLWorld and possibly other products, allows remote attackers to execute arbitrary code via a long first argument to the ConnectAndEnterRoom method, possibly involving the GLCHAT.GLChatCtrl.1 control, as originally exploited in the wild in October 2007. NOTE: some of these details are obtained from third party information. NOTE: this was originally reported as a heap-based issue by some sources.
by anonymous
By Source
All 2,076 Writeup 62,482 Exploitdb 50,076 Nomisec 22,450 Github 3,674 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,597 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25