Gjoko 'LiquidWorm' Krstic

684 exploits Active since Nov 2005
EIP-2026-117796 EXPLOITDB text WRITEUP
Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation
EIP-2026-117508 EXPLOITDB text WRITEUP
Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions
CVE-2010-3137 EXPLOITDB c WORKING POC
Nullsoft Winamp 5.581 - RCE
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.
EIP-2026-117668 EXPLOITDB text WRITEUP
Native Instruments Service Center 2.2.5 - Local Privilege Escalation
EIP-2026-117760 EXPLOITDB text WRITEUP
Pelco VideoXpert 1.12.105 - Local Privilege Escalation
EIP-2026-117498 EXPLOITDB text WRITEUP
Microsoft Internet Explorer 11 - Null Pointer Dereference
EIP-2026-117593 EXPLOITDB python WORKING POC
Mikogo 5.4.1.160608 - Local Credentials Disclosure
CVE-2010-3138 EXPLOITDB c WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.
EIP-2026-117789 EXPLOITDB perl WORKING POC
PowerCHM 5.7 - 'hhp' Local Buffer Overflow
EIP-2026-117318 EXPLOITDB text WRITEUP
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
EIP-2026-116817 EXPLOITDB text WRITEUP
Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation
EIP-2026-117151 EXPLOITDB text WRITEUP
EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation
CVE-2009-0450 EXPLOITDB python WORKING POC
BlazeVideo HDTV Player <3.5 - Buffer Overflow
Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to execute arbitrary code via a long string in a playlist (aka .plf) file.
EIP-2026-116959 EXPLOITDB text WORKING POC
Cimetrics BACnet Explorer 4.0 - XML External Entity Injection
EIP-2026-117027 EXPLOITDB python WORKING POC
Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow
EIP-2026-117319 EXPLOITDB text WRITEUP
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
EIP-2026-117133 EXPLOITDB text WRITEUP
Epic Games Rocket League 1.95 - Stack Buffer Overrun
EIP-2026-117238 EXPLOITDB html WORKING POC
Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH)
EIP-2026-116960 EXPLOITDB text WRITEUP
Cimetrics BACstac 6.2f - Local Privilege Escalation
EIP-2026-117006 EXPLOITDB text WRITEUP
Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 - Insecure File Permissions
EIP-2026-116945 EXPLOITDB text WRITEUP
Certec EDV atvise SCADA Server 2.5.9 - Local Privilege Escalation
CVE-2014-3222 EXPLOITDB HIGH text WRITEUP
Huawei Espace Meeting < v100r001c03spc201 - Access Control
In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.
CVSS 7.0
EIP-2026-116772 EXPLOITDB text WRITEUP
Aloaha Credential Provider Monitor 5.0.226 - Local Privilege Escalation
CVE-2010-3134 EXPLOITDB c WORKING POC
Google Earth <5.1.3535.3218 - RCE
Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a .kmz file.
EIP-2026-117125 EXPLOITDB text WRITEUP
Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities