sailay1996

11 exploits Active since Feb 2020
CVE-2020-1337 NOMISEC HIGH WORKING POC
Windows Print Spooler - Privilege Escalation via Arbitrary File Write
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.
171 stars
CVSS 7.8
CVE-2021-1675 NOMISEC HIGH WORKING POC
Windows Print Spooler - Remote Code Execution
Windows Print Spooler Remote Code Execution Vulnerability
77 stars
CVSS 7.8
CVE-2022-21882 NOMISEC HIGH WORKING POC
Win32k ConsoleControl Offset Confusion
Win32k Elevation of Privilege Vulnerability
49 stars
CVSS 7.0
CVE-2025-53772 NOMISEC HIGH WORKING POC
Web Deploy 4.0 < 10.0.2001 - Authenticated Remote Code Execution via Untrusted Data Deserialization
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
46 stars
CVSS 8.8
CVE-2020-8950 NOMISEC HIGH WRITEUP
AMD User Experience Program < 1.0.0.1 - Privilege Escalation via Symbolic Link in Upload Directory
The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name.
29 stars
CVSS 7.8
CVE-2025-53772 PATCHAPALOOZA HIGH WORKING POC
Web Deploy 4.0 < 10.0.2001 - Authenticated Remote Code Execution via Untrusted Data Deserialization
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
CVSS 8.8
CVE-2020-1337 METASPLOIT HIGH ruby WORKING POC
Windows Print Spooler - Privilege Escalation via Arbitrary File Write
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.
CVSS 7.8
EIP-2026-117555 EXPLOITDB ruby WORKING POC
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) and Registry (Metasploit)
EIP-2026-117554 EXPLOITDB ruby WORKING POC
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) and Registry (Metasploit)
EIP-2026-117553 EXPLOITDB ruby WORKING POC
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) (Metasploit)
EIP-2026-117552 EXPLOITDB ruby WORKING POC
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) (Metasploit)