Salman Asad (@deathflash1411) a.k.a LeoBreaker

8 exploits Active since Apr 2020
CVE-2022-25012 NOMISEC MEDIUM WORKING POC
Argussurveillance Dvr - Weak Encryption
Argus Surveillance DVR v4.0 employs weak password encryption.
CVSS 5.5
CVE-2020-11107 NOMISEC HIGH WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8
CVE-2022-25012 EXPLOITDB MEDIUM python WORKING POC
Argussurveillance Dvr - Weak Encryption
Argus Surveillance DVR v4.0 employs weak password encryption.
CVSS 5.5
CVE-2020-11107 EXPLOITDB HIGH powershell WORKING POC
XAMPP <7.2.29, <7.3.16, <7.4.4 - Command Injection
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.
CVSS 8.8
CVE-2021-35448 EXPLOITDB HIGH text WORKING POC
Emote Interactive Remote Mouse 3.008 - RCE
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.
CVSS 7.8
EIP-2026-116810 EXPLOITDB text WRITEUP
Argus Surveillance DVR 4.0 - Unquoted Service Path
EIP-2026-110202 EXPLOITDB text WORKING POC
Online Voting System 1.0 - Authentication Bypass (SQLi)
EIP-2026-110203 EXPLOITDB text WORKING POC
Online Voting System 1.0 - Remote Code Execution (Authenticated)