Amin Rawah

2 exploits Active since Jun 2020
CVE-2020-37101 EXPLOITDB HIGH text WORKING POC
VPN Unlimited 6.1 - Unquoted Service Path Privilege Escalation via Service Binary Path Injection
VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\VPN Unlimited\' to replace the service executable and gain elevated system privileges.
CVSS 7.8
CVE-2020-14073 EXPLOITDB MEDIUM text WORKING POC
PRTG Network Monitor 20.1.56.1574 - Authenticated Stored Cross-Site Scripting via Map Designer Properties
XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties screen to insert JavaScript code. This can be exploited against any user with View Maps or Edit Maps access.
CVSS 5.4