Html Exploits
2,076 exploits tracked across all sources.
JobSitePro 1.0 - SQL Injection via Salary Parameter
SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote attackers to execute arbitrary SQL commands via the salary parameter.
by ajann
Rediff Toolbar 2.0 - Denial of Service via ActiveX Control Manipulation
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.
by Umesh Wanve
Adobe Acrobat Reader 8.0 - Denial of Service via Malformed PDF URL Anchor
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
by shinnai
Macromedia Shockwave - Stack-Based Buffer Overflow via SwDir.dll ActiveX Control Properties
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote attackers to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4) Sound, (5) DrawLogo, or (6) DrawProgress property value, different vectors than CVE-2006-6885.
by shinnai
Sky Software FileView ActiveX Control - Stack-Based Buffer Overflow via FilePattern Attribute
Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, a different vulnerability than CVE-2006-5198.
by prdelka
Firebug < 1.03 - Cross-Zone Scripting via DOM Templates
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878.
by Thor Larholm
Konqueror 3.5.5 - JavaScript Read of FTP Iframe Denial of Service
by mark
Konqueror - Denial of Service via FTP iframe Content Access
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
by mark
AJDating 1.0 - SQL Injection via view_profile.php user_id Parameter
SQL injection vulnerability in view_profile.php in AJDating 1.0 allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
by ajann
AJ Classifieds 1.0 - SQL Injection via postingid Parameter
SQL injection vulnerability in postingdetails.php in AJ Classifieds 1.0 allows remote attackers to execute arbitrary SQL commands via the postingid parameter.
by ajann
DivX Web Player - Denial of Service via DivxWP.Resize ActiveX Control
A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images.
by shinnai
SQLiteManager 1.2.0 - Cross-Site Scripting via Database and Table Name Fields
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) database name, (2) table name, (3) ViewName, (4) view, (5) trigger, and (6) function fields in main.php and certain other files.
by Simon Bonnard
PHPBB2 - 'Admin_Ug_Auth.php' Administrative Bypass
by Hasadya Raed
Common Controls Replacement Project BrowseDialog Server - Denial of Service via Long Property Value
A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) IsFolderAvailable or (2) RootFolder property value, different vectors than CVE-2007-0371.
by shinnai
Mozilla based browsers <2.0.0.2 - CSRF
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code.
by Michal Zalewski
Microsoft Internet Explorer 6 - Absolute Path Traversal via File URI in Multiple HTML Attributes
Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) script tag; (2) data attribute of an object tag; (3) value attribute of a param tag; (4) background attribute of a body tag; or (5) the background:url attribute declared in the BODY parameter of a STYLE tag.
by Rajesh Sethumadhavan
VS-Gastebuch < 1.5.3 - Remote File Inclusion via gb_pfad Parameter
PHP remote file inclusion vulnerability in functions_inc.php in VS-Gastebuch 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad parameter.
by ajann
VirtualSystem VS-News-System <1.2.1 - RCE
PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter.
by ajann
VS-Link-Partner < 2.1 - Remote File Inclusion via gb_pfad Parameter
PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter.
by ajann
ActSoft DVD-Tools - Buffer Overflow
Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.
by shinnai
AT Contenator < 1.0 - Remote Code Execution via Root_To_Script Parameter
PHP remote file inclusion vulnerability in _admin/nav.php in AT Contenator 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Root_To_Script parameter.
by ajann
Site-Assistant < 0990 - Remote File Inclusion via paths[version] Parameter
PHP remote file inclusion vulnerability in classes/menu.php in Site-Assistant 0990 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the paths[version] parameter.
by ajann
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (2)
by trevordixon
Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (1)
by trevordixon
Alibaba Alipay ActiveX Control < 2.4.2.471 - Remote Code Execution via Remove Method
The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.
by cocoruder
By Source