Salman Asad

8 exploits Active since Apr 2020
CVE-2021-47792 EXPLOITDB HIGH text WORKING POC
Remote Mouse 4.002 - Privilege Escalation
Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access.
CVSS 7.8
CVE-2022-25012 EXPLOITDB MEDIUM python WORKING POC
Argussurveillance Dvr - Weak Encryption
Argus Surveillance DVR v4.0 employs weak password encryption.
CVSS 5.5
CVE-2021-47790 EXPLOITDB HIGH text WORKING POC
Active WebCam 11.5 - Code Injection
Active WebCam 11.5 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path by placing malicious executables in specific directory locations to gain administrative access.
CVSS 7.8
CVE-2020-11107 EXPLOITDB HIGH powershell WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8
CVE-2021-35448 EXPLOITDB HIGH text WORKING POC
Emote Interactive Remote Mouse 3.008 - RCE
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.
CVSS 7.8
EIP-2026-116810 EXPLOITDB text WRITEUP
Argus Surveillance DVR 4.0 - Unquoted Service Path
EIP-2026-110202 EXPLOITDB text WORKING POC
Online Voting System 1.0 - Authentication Bypass (SQLi)
EIP-2026-110203 EXPLOITDB text WORKING POC
Online Voting System 1.0 - Remote Code Execution (Authenticated)