HTML Exploits

2,076 exploits tracked across all sources.

EIP-2026-112712 EXPLOITDB html VERIFIED
TinyPHP Forum 3.6 - 'makeAdmin' Remote Admin Maker
by SirDarckCat
CVE-2006-3677 EXPLOITDB html VERIFIED
Mozilla Firefox <1.5.0.5 & SeaMonkey <1.0.3 - RCE
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
by H D Moore
CVE-2006-3898 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0 - Denial of Service via Internet.HHCtrl.1 ActiveX Object
Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference.
by Alex F
CVE-2006-3471 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 on Windows XP - DoS
Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method.
by Aviv Raff
EIP-2026-115694 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - 'Internet.HHCtrl' Heap Overflow
by H D Moore
CVE-2006-3427 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - DoS
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference.
by hdm
CVE-2006-3372 EXPLOITDB html VERIFIED
Apple Safari 2.0.4/419.3 - Denial of Service via DHTML setAttributeNode Null Dereference
Apple Safari 2.0.4/419.3 allows remote attackers to cause a denial of service (application crash) via a DHTML setAttributeNode function call with zero arguments, which triggers a null dereference.
by Dennis Cox
CVE-2006-3472 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0-6.0 SP1 - DoS
Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by jsz
CVE-2006-3354 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6 - DoS
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.
by hdm
CVE-2006-3280 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0 - Info Disclosure
Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."
by Plebo Aesdi Nael
CVE-2006-3199 EXPLOITDB html VERIFIED
Opera 9 - Denial of Service via Long Hostname in A Tag href Attribute
Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.
by N9
CVE-2006-2894 EXPLOITDB html VERIFIED
Mozilla Firefox <2.0.0.8 - Info Disclosure
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp JavaScript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
by Jesse Ruderman
CVE-2006-2887 EXPLOITDB html VERIFIED
myNewsletter <1.1.2 - SQL Injection
Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the UserName parameter in (1) validatelogin.asp or (2) adminlogin.asp.
by FarhadKey
CVE-2006-2896 EXPLOITDB html VERIFIED
FunkBoard CF0.71 - Unauthenticated Arbitrary Password Change via Profile Edit UID Parameter
profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
by ajann
CVE-2006-2723 EXPLOITDB html VERIFIED
Firefox - Denial of Service via Nested Marquee Tags
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified.
by n00b
CVE-2006-2847 EXPLOITDB html VERIFIED
aspWebLinks 2.0 - SQL Injection via linkID Parameter
SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote attackers to execute arbitrary SQL commands via the linkID parameter.
by ajann
CVE-2006-2848 EXPLOITDB html VERIFIED
aspWebLinks 2.0 - Unauthenticated Administrative Password Change via txtAdministrativePassword Field
links.asp in aspWebLinks 2.0 allows remote attackers to change the administrative password, possibly via a direct request with a modified txtAdministrativePassword field.
by ajann
CVE-2006-2807 EXPLOITDB html VERIFIED
ASPwebSoft Speedy Asp Discussion Forum - RCE
ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.
by ajann
CVE-2006-2737 EXPLOITDB html VERIFIED
Nukedit < 4.9.6 - Unauthenticated Arbitrary User Creation via GroupID Parameter
utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.
by FarhadKey
CVE-2006-2725 EXPLOITDB html VERIFIED
Eggblog < 3.0.6 - SQL Injection via RSS Posts ID Parameter
SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by nukedx
CVE-2006-1388 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 6.0 - RCE
Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors.
by Thomas Waldegger
EIP-2026-103562 EXPLOITDB html VERIFIED
Mozilla Firefox 1.5.0.3 - 'Loop' Denial of Service
by Gianni Amato
CVE-2006-7031 EXPLOITDB MEDIUM html VERIFIED
Microsoft Internet Explorer < 6.0.2900 - Denial of Service via CSS Position Attribute
Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.
by seven
CVSS 6.5