Nawaf Alkeraithe

8 exploits Active since Feb 2026
CVE-2019-25701 EXPLOITDB HIGH python WORKING POC
Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and execute arbitrary code with user privileges.
CVSS 8.4
CVE-2019-25267 EXPLOITDB HIGH text WRITEUP
Wing FTP Server 6.0.7 - Privilege Escalation
Wing FTP Server 6.0.7 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.
CVSS 7.8
EIP-2026-113676 EXPLOITDB text WORKING POC
WordPress Plugin Custom Searchable Data System - Unauthenticated Data M]odification
EIP-2026-111518 EXPLOITDB text WRITEUP
Professional Designer E-Store - 'id' Multiple SQL Injections
EIP-2026-106824 EXPLOITDB text WORKING POC
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
EIP-2026-106823 EXPLOITDB text WORKING POC
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
EIP-2026-104955 EXPLOITDB text WORKING POC
Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)
EIP-2026-102738 EXPLOITDB text WORKING POC
SIPp 3.3.990 - Local Buffer Overflow (PoC)