EUVD-2025-3184

Malicious code in bioql PyPI...

CVE-2025-23442

Cross-Site Request Forgery CSRF vulnerability in mschertel Shockingly Big IE6 Warning shockingly-big-ie6-warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through = 1.6.3...

CVE-2025-23442

Cross-Site Request Forgery CSRF vulnerability in mschertel Shockingly Big IE6 Warning shockingly-big-ie6-warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through = 1.6.3...

CVE-2025-23442 WordPress Shockingly Big IE6 Warning plugin <= 1.6.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in mschertel Shockingly Big IE6 Warning shockingly-big-ie6-warning allows Stored XSS.This issue affects Shockingly Big IE6 Warning: from n/a through = 1.6.3...

CVE-2025-23442

CVE-2025-23442 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Shockingly Big IE6 Warning WordPress plugin that allows Stored XSS. Reported as affecting Shockingly Big IE6 Warning from n/a through 1.6.3, the entry lists a CVSS v3.1 base score of 7.1 (HIGH) with network attack v...

CVE-2013-2551-sample analysis and exploits and Defense-vulnerability warning-the black bar safety net

0x0 is written on the front VUPEN team in the Pwn2Own 2013 hacking contest using the vulnerability to compromise Windows 8 environment, IE10, then on their blog discloses technical details. According to VUPEN description of the vulnerability produced in the VGX. DLL module, in the VML language...

1 Click Extract Audio 2.3.6 - Activex Buffer Overflow

1 Click Extract Audio 2.3.6 - Activex Buffer Overflow 1 Click Extract Audio Activex Buffer Overflow Affected version=2.3.6 Vendor Homepage:http://www.dvdvideotool.com/index.htm Software Link:www.dvdvideotool.com/1ClickExtractAudio.exe The vulnerability lies in the COM component used by the produc...

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...

Samsung iPOLiS ReadConfigValue Remote Code Execution Exploit

Exploit for windows platform in category remote exploits var shellcode =...

WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow

WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow var arg1 = ""; var arg2 = 1; var arg3 = 1; var nops = ""; var shellcode = ""; var buff2 = ""; for i=0; i128; i++ arg1 += "B"; var nseh = "\xeb\x10PD"; var seh = "\xa0\xf2\x07\x10"; for i=0;i80; i++ nops += "\x90"; shellcode =...

Lorex LH300 Series - ActiveX Buffer Overflow (PoC)

Lorex LH300 Series - ActiveX Buffer Overflow PoC Disclosure: 09/01/2014 / Last updated: 18/01/2015 Hi, I have discovered a buffer overflow vulnerability that allows remote code execution in an ActiveX control bundled by a manufacturer of video surveillance systems. The company is Lorex...

Advantech WebAccess dvs.ocx GetColor Buffer Overflow Exploit

This Metasploit module exploits a buffer overflow vulnerability in Advantec WebAccess. The vulnerability exists in the dvs.ocx ActiveX control, where a dangerous call to sprintf can be reached with user controlled data through the GetColor function. This Metasploit module has been tested...

XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)

No description provided by source. Xchat = 2.8.7b Remote Code Execution tested on Windows XP SP1+SP2+SP3, IE6 & IE7 fully patched Vendor : http://xchat.org/ Affected Os : Windows Risk : critical This bug is related to the URI Handler vulnerability but the approch is a bit different. We don't use...

Mitsubishi MX ActiveX Component 3 - (ActUWzd.dll (WzTitle)) - Remote Exploit

No description provided by source. !-- Title: Mitsubishi MX Component v3 ActiveX 365+-Day ActUWzd.dll WzTitle By: DrIDE File: C:\MELSEC\Act\Control\ActUWzd.dll Version 1.0.0.1 Known Affected Systems: CitectScada 7.10r1 ships with this in the Extras folder. Known Affected Systems: CitectFacilities...

Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

SAMSUNG NET-i Viewer 1.37 SEH Overwrite

No description provided by source. html object classid='clsid:FA6E2EA9-D816-4F00-940B-609C9E8847A4' id='target' /object script language='vbscript' ' Exploit Title: SAMSUNG NET-i viewer ActiveX SEH Overwrite ' Date: April 30 2012 ' Author: Blake ' Software Link:...