HTML Exploits

2,076 exploits tracked across all sources.

CVE-2001-0520 EXPLOITDB html VERIFIED
Aladdin eSafe Gateway 3.0 and earlier - Cross-Site Scripting via HTML Tag Attribute Injection
Aladdin eSafe Gateway versions 3.0 and earlier allow a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined.
by eDvice Security Services
EIP-2026-118818 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 5.5 - File Disclosure
by Georgi Guninski
CVE-2001-0150 EXPLOITDB html VERIFIED
Internet Explorer <5.5 - Command Injection
Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts.
by Oliver Friedrichs
CVE-2001-0137 EXPLOITDB html VERIFIED
Windows Media Player 7 - Remote Code Execution via Malicious Skin File
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the "Windows Media Player Skins File Download" vulnerability.
by Georgi Guninski
CVE-2001-0322 EXPLOITDB html VERIFIED
Internet Explorer - Denial of Service via Object Creation and Deletion
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
by Thor Larholm
CVE-2001-0148 EXPLOITDB html VERIFIED
Windows Media Player 7 - Remote Code Execution via JavaScript URL in ActiveX Control
The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability.
by Georgi Guninski
CVE-2001-0022 EXPLOITDB html VERIFIED
simplestguest.cgi - Remote Command Execution via Guestbook Parameter
simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter.
by suid
CVE-2001-0024 EXPLOITDB html VERIFIED
simplestmail.cgi - Remote Command Execution via MyEmail Parameter
simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter.
by rpc
CVE-2001-0023 EXPLOITDB html VERIFIED
everythingform.cgi - Command Injection
everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
by rpc
CVE-2001-0025 EXPLOITDB html VERIFIED
ad.cgi - Remote Command Execution via File Parameter
ad.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.
by rpc
CVE-2001-0089 EXPLOITDB html VERIFIED
Internet Explorer <5.6 - Info Disclosure
Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.
by Key
EIP-2026-118817 EXPLOITDB html VERIFIED
Microsoft Internet Explorer 5.5 - 'Index.dat' (MS00-055)
by Georgi Guninski
CVE-2000-1105 EXPLOITDB html VERIFIED
Microsoft Indexing Service - Information Disclosure via ixsso.query ActiveX Object
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
by Georgi Guninski
CVE-2000-0958 EXPLOITDB html VERIFIED
HotJava Browser 3.0 - Unauthenticated DOM Access via JavaScript URL in Named Window
HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window.
by Georgi Guninski
EIP-2026-118869 EXPLOITDB html VERIFIED
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
by Georgi Guninski
CVE-2001-0149 EXPLOITDB html VERIFIED
Windows Scripting Host - Info Disclosure
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
by Georgi Guninski
CVE-2000-0688 EXPLOITDB html VERIFIED
Subscribe Me LITE - Privilege Escalation
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
by n30
CVE-2000-0689 EXPLOITDB html VERIFIED
Account Manager LITE - Privilege Escalation
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
by n30
CVE-2000-0465 EXPLOITDB html VERIFIED
Internet Explorer <5.x - Info Disclosure
Internet Explorer 4.x and 5.x do not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
by Andrew Nosenko
CVE-2000-0116 EXPLOITDB html VERIFIED
Checkpoint Firewall-1 - Cross-Site Scripting via Malformed Script Tag Bypass
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
by Arne Vidstrom
CVE-1999-1016 EXPLOITDB html VERIFIED
Microsoft HTML Control - Denial of Service via Large HTML Form Fields
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web sites or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
by Neon Bunny
CVE-2000-0325 EXPLOITDB html VERIFIED
Microsoft Jet - Remote Code Execution via Database Query
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
by BrootForce
CVE-1999-0935 EXPLOITDB html VERIFIED
classifieds.cgi Hidden Variable - Command Injection
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
by anonymous
EIP-2026-100716 EXPLOITDB html VERIFIED
Excite for Web Servers 1.1 - Administrative Password
by Michael Gerdts
EIP-2026-118381 EXPLOITDB html VERIFIED
Compaq Java Applet for Presario SpawnApp - Code Execution
by Frank Farance