167 matches found
EUVD-2025-3184
Malicious code in bioql PyPI...
CVE-2025-23442
Cross-Site Request Forgery (CSRF) vulnerability in mschertel Shockingly Big IE6 Warning (shockingly-big-ie6-warning) allows Stored XSS. This issue affects Shockingly Big IE6 Warning: from n/a through <= 1.6.3...
CVE-2025-23442
CVE-2025-23442 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Shockingly Big IE6 Warning WordPress plugin that allows Stored XSS. Reported as affecting Shockingly Big IE6 Warning from n/a through 1.6.3, the entry lists a CVSS v3.1 base score of 7.1 (HIGH) with network attack v...
CVE-2025-23442 WordPress Shockingly Big IE6 Warning plugin <= 1.6.3 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in mschertel Shockingly Big IE6 Warning (shockingly-big-ie6-warning) allows Stored XSS. This issue affects Shockingly Big IE6 Warning: from n/a through <= 1.6.3...
CVE-2013-2551 sample analysis, exploitation and defense - vulnerability warning - the black bar safety net
0x0 Foreword: The VUPEN team used this vulnerability in the Pwn2Own 2013 hacking contest to compromise IE10 in a Windows 8 environment, then disclosed the technical details on their blog. According to VUPEN's description, the vulnerability occurs in the VGX.DLL module, in the VML language...
1 Click Extract Audio 2.3.6 - Activex Buffer Overflow
1 Click Extract Audio 2.3.6 - Activex Buffer Overflow 1 Click Extract Audio Activex Buffer Overflow Affected version=2.3.6 Vendor Homepage:http://www.dvdvideotool.com/index.htm Software Link:www.dvdvideotool.com/1ClickExtractAudio.exe The vulnerability lies in the COM component used by the produc...
JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks
More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...
Samsung iPOLiS ReadConfigValue Remote Code Execution Exploit
Exploit for windows platform in category remote exploits var shellcode =...
WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow
WebGate WinRDS 2.0.8 - PlaySiteAllChannel Stack Buffer Overflow var arg1 = ""; var arg2 = 1; var arg3 = 1; var nops = ""; var shellcode = ""; var buff2 = ""; for i=0; i128; i++ arg1 += "B"; var nseh = "\xeb\x10PD"; var seh = "\xa0\xf2\x07\x10"; for i=0;i80; i++ nops += "\x90"; shellcode =...
Lorex LH300 Series - ActiveX Buffer Overflow (PoC)
Lorex LH300 Series - ActiveX Buffer Overflow PoC Disclosure: 09/01/2014 / Last updated: 18/01/2015 Hi, I have discovered a buffer overflow vulnerability that allows remote code execution in an ActiveX control bundled by a manufacturer of video surveillance systems. The company is Lorex...
Advantech WebAccess dvs.ocx GetColor Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow vulnerability in Advantech WebAccess. The vulnerability exists in the dvs.ocx ActiveX control, where a dangerous call to sprintf can be reached with user-controlled data through the GetColor function. This Metasploit module has been tested...
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
SAMSUNG NET-i Viewer 1.37 SEH Overwrite
No description provided by source. html object classid='clsid:FA6E2EA9-D816-4F00-940B-609C9E8847A4' id='target' /object script language='vbscript' ' Exploit Title: SAMSUNG NET-i viewer ActiveX SEH Overwrite ' Date: April 30 2012 ' Author: Blake ' Software Link:...
RealNetworks Realplayer QCP Parsing Heap Overflow
No description provided by source. $Id: realplayerqcp.rb 13745 2011-09-17 06:48:33Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
SPlayer XvidDecoder 3.3 - ActiveX Remote Exec 0day PoC
No description provided by source. Author: superli Tested on: xpsp3 ie6 Code : object id=TestObj classid=CLSID:E5960BC4-A76B-4211-BEEC-9AEE2AF8AAE6 style=width:100;height:350/object...