Html Exploits

2,055 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-115719 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (2)
by trevordixon
EIP-2026-115718 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (1)
by trevordixon
CVE-2007-0827 EXPLOITDB html VERIFIED
Alibaba Alipay PTA Module - RCE
The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.
by cocoruder
CVE-2007-0811 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0 - DoS
Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById.
by AmesianX
CVE-2007-1029 EXPLOITDB html VERIFIED
Quiksoft EasyMail <6.5 - Buffer Overflow
Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name.
by Paul Craig
CVE-2007-0681 EXPLOITDB CRITICAL html VERIFIED
ExtCalendar <2 - Auth Bypass
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php.
by ajann
CVSS 9.8
CVE-2007-0612 EXPLOITDB html VERIFIED
Microsoft IE - Denial of Service
Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEditDocument.1 objects in (b) triedit.dll, which cause a NULL pointer dereference.
by Alexander Sotirov
CVE-2007-0575 EXPLOITDB html VERIFIED
Stefan Holmberg Admentor - SQL Injection
Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields.
by Cr@zy_King
CVE-2007-0021 EXPLOITDB html VERIFIED
Apple Ichat - Denial of Service
Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI.
by MoAB
CVE-2007-0020 EXPLOITDB html VERIFIED
Panic Transmit < 3.5.5 - Buffer Overflow
Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL.
by MoAB
EIP-2026-103683 EXPLOITDB html VERIFIED
Transmit 3.5.5 - Remote Heap Overflow
by LMH
CVE-2007-0429 EXPLOITDB html VERIFIED
Divx Player - Denial of Service
DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the GoWindowed method for a certain instance of the ActiveX object.
by shinnai
CVE-2007-0371 EXPLOITDB html VERIFIED
Common Controls Replacement Browsedialog Server - Denial of Service
A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value.
by shinnai
CVE-2007-0356 EXPLOITDB html VERIFIED
Common Controls Replacement Foldertre... - Denial of Service
The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value.
by shinnai
CVE-2007-0024 EXPLOITDB html VERIFIED
Microsoft Internet Explorer - Buffer Overflow
Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the "VML Buffer Overrun Vulnerability."
by LifeAsaGeek
CVE-2007-0301 EXPLOITDB html VERIFIED
FdWeB Espace Membre <2.1 - RCE
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
by ajann
EIP-2026-104035 EXPLOITDB html VERIFIED
Oracle ORADC - ActiveX Control Remote Code Execution
by Umesh Wanve
CVE-2006-6421 EXPLOITDB html VERIFIED
phpBB 2.0.x - XSS
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
by Demential
CVE-2007-0148 EXPLOITDB html VERIFIED
Omnigroup Omniweb - Denial of Service
Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the Javascript alert function.
by MoAB
CVE-2008-0457 EXPLOITDB html VERIFIED
Symantec Backupexec System Recovery - Improper Input Validation
Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.
by titon
CVE-2007-0049 EXPLOITDB html VERIFIED
Geckovich TaskTracker Pro <1.5 - RCE
Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp.
by ajann
CVE-2006-6884 EXPLOITDB html VERIFIED
WinZip 10.0 Build 6667 - Buffer Overflow
Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198.
by XiaoHui
CVE-2006-6838 EXPLOITDB html VERIFIED
Rediff Bol Downloader ActiveX - RCE
Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter.
by Gregory R. Panakkal
CVE-2006-6885 EXPLOITDB html VERIFIED
Macromedia Shockwave 10 - DoS
An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute.
by shinnai
CVE-2006-6827 EXPLOITDB html VERIFIED
Macromedia Flash 8 - DoS
Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method.
by shinnai
By Source
All 2,055 Exploitdb 50,121 Writeup 46,831 Nomisec 21,202 Metasploit 3,189 Github 2,265 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,745 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24