Salman Asad (@deathflash1411) a.k.a LeoBreaker

8 exploits, active since Apr 2020
CVE-2022-25012 NOMISEC MEDIUM WORKING POC
Argus Surveillance DVR 4.0 - Inadequate Encryption Strength
Argus Surveillance DVR v4.0 employs weak password encryption.
CVSS 5.5
CVE-2020-11107 NOMISEC HIGH WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16, and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-control.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8
CVE-2021-47945 EXPLOITDB HIGH text WORKING POC
Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.
CVSS 7.8
CVE-2022-25012 EXPLOITDB MEDIUM python WORKING POC
Argus Surveillance DVR 4.0 - Inadequate Encryption Strength
Argus Surveillance DVR v4.0 employs weak password encryption.
CVSS 5.5
CVE-2020-11107 EXPLOITDB HIGH powershell WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16, and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-control.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8
CVE-2021-35448 EXPLOITDB HIGH text WORKING POC
Emote Interactive Remote Mouse 3.008 - RCE
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.
CVSS 7.8
EIP-2026-110203 EXPLOITDB text WORKING POC
Online Voting System 1.0 - Remote Code Execution (Authenticated)
EIP-2026-110202 EXPLOITDB text WORKING POC
Online Voting System 1.0 - Authentication Bypass (SQLi)