CVE-2025-3020

An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact...

NSClient++ 0.5.2.35 - ExternalScripts Authenticated Remote Code Execution

This module allows an attacker with knowledge of the admin password of NSClient++ to start a privilege shell. For this module to work, both web interface of NSClient++ and ExternalScripts feature should be enabled. Module Options msf use exploit/windows/http/nscpauthenticatedrce msf...

Windows 10 - UAC Protection Bypass Via Windows Store (WSReset.exe) Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows 10 UAC Protection Bypass Via Windows Store WSReset.exe', 'Description' = %q This module exploits a flaw in the WSReset.exe Windows Store...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell' class MetasploitModule 'Windows UAC Protection Bypass Via Slui File Handler Hijack', 'Description' =...