Gjoko 'LiquidWorm' Krstic

684 exploits Active since Nov 2005
EIP-2026-117796 EXPLOITDB text WRITEUP
Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation
EIP-2026-117789 EXPLOITDB perl WORKING POC
PowerCHM 5.7 - 'hhp' Local Buffer Overflow
EIP-2026-117508 EXPLOITDB text WRITEUP
Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions
EIP-2026-117593 EXPLOITDB python WORKING POC
Mikogo 5.4.1.160608 - Local Credentials Disclosure
EIP-2026-117668 EXPLOITDB text WRITEUP
Native Instruments Service Center 2.2.5 - Local Privilege Escalation
EIP-2026-117498 EXPLOITDB text WRITEUP
Microsoft Internet Explorer 11 - Null Pointer Dereference
CVE-2010-3137 EXPLOITDB c WORKING POC
Nullsoft Winamp 5.581 - Untrusted Search Path and DLL Hijacking via Trojan Horse wnaspi32.dll
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.
CVE-2010-3138 EXPLOITDB c WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.
EIP-2026-117725 EXPLOITDB text WRITEUP
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
EIP-2026-117760 EXPLOITDB text WRITEUP
Pelco VideoXpert 1.12.105 - Local Privilege Escalation
EIP-2026-117238 EXPLOITDB html WORKING POC
Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH)
CVE-2010-3134 EXPLOITDB c WORKING POC
Google Earth 5.1.3535.3218 - Untrusted Search Path and DLL Hijacking via Trojan Horse quserex.dll
Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a .kmz file.
CVE-2014-9416 EXPLOITDB c WORKING POC
Huawei eSpace Desktop <V200R003C00 - RCE
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4) airpcap.dll.
EIP-2026-117318 EXPLOITDB text WRITEUP
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
EIP-2026-117319 EXPLOITDB text WRITEUP
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
EIP-2026-117133 EXPLOITDB text WRITEUP
Epic Games Rocket League 1.95 - Stack Buffer Overrun
EIP-2026-117151 EXPLOITDB text WRITEUP
EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation
CVE-2014-8359 EXPLOITDB text WRITEUP
Huawei Mobile Partner 23.009.05.03.1014 - Untrusted Search Path and DLL Hijacking via wintab32.dll
Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory.
EIP-2026-117125 EXPLOITDB text WRITEUP
Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities
EIP-2026-117027 EXPLOITDB python WORKING POC
Delta Industrial Automation DCISoft 1.12.09 - Local Stack Buffer Overflow
EIP-2026-117119 EXPLOITDB perl WORKING POC
EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Buffer Overflow
CVE-2014-3222 EXPLOITDB HIGH text WRITEUP
Huawei eSpace Meeting < V100R001C03SPC201 - Privilege Escalation
In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.
CVSS 7.0
EIP-2026-116959 EXPLOITDB text WORKING POC
Cimetrics BACnet Explorer 4.0 - XML External Entity Injection
EIP-2026-116960 EXPLOITDB text WRITEUP
Cimetrics BACstac 6.2f - Local Privilege Escalation
CVE-2014-8393 EXPLOITDB HIGH c WORKING POC
CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion - DLL Hijacking
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.
CVSS 7.8