adenkiewicz

6 exploits Active since May 2003
CVE-2021-26415 NOMISEC HIGH WRITEUP
Windows Installer - Elevation of Privilege via Improper Input Validation
Windows Installer Elevation of Privilege Vulnerability
4 stars
CVSS 7.8
CVE-2019-15511 NOMISEC HIGH WORKING POC
GOG Galaxy < 1.2.60 - Unauthenticated Local Privilege Escalation via TCP Packet Injection
An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected.
2 stars
CVSS 7.8
CVE-2017-9544 NOMISEC CRITICAL WORKING POC
EFS Software Easy Chat Server <3.1 - Buffer Overflow
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.
CVSS 9.8
CVE-2003-0264 NOMISEC WORKING POC
SLMail 5.1.0.4420 - Buffer Overflow
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
CVE-2006-3592 NOMISEC WORKING POC
Cisco Unified CallManager <5.0(3a) - Privilege Escalation
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
CVE-2009-1330 NOMISEC WORKING POC
Easy RM to MP3 Converter - Stack-based Buffer Overflow via Long Filename in Playlist File
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.