Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description Date Added CVE Link Exploit Platform Exploit Type
010 Editor wintab32 DLL Hijacking Exploit 010 Editor is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .HEX file. December 2, 2010 Windows Exploits/Client Side
10-Strike LANState Local Buffer Overflow Exploit A Buffer Overflow exists when parsing .lsm files. The vulnerability is caused due to a boundary error when handling a crafted .lsm files. November 27, 2018 Windows Exploits / Client Side
3Com TFTP Transporting Mode Buffer Overflow Exploit This module exploits a buffer overflow vulnerability during the processing of TFTP Read/Write request packet types and cause a stack-based buffer overflow by sending a specially crafted packet with an overly long mode field. December 11, 2008 Windows Exploits/Remote
3D Life Player WebPlayer ActiveX Buffer Overflow Exploit A boundary error exists in the WebPlayer ActiveX control when processing the "SRC" property with an overly long string. May 22, 2012 Windows Exploits/Client Side
3S CoDeSys Gateway Server Arbitrary File Upload Exploit 3S Codesys Gateway Server is prone to a directory traversal vulnerability that allows arbitrary file creation. April 22, 2013 Windows Exploits/Remote
3S Pocketnet Tech VMS PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 SaveCurrentImageEx Buffer Overflow Exploit The specific flaw exists within the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control. The SaveCurrentImageEx method copies an attacker provided filename into a fixed size buffer. December 11, 2014 Windows Exploits/Client Side
3S-Smart Software Solutions GmbH CODESYS Web Server Upload Restricted File and Buffer Overflow Exploit A specially crafted web server request may allow the upload of arbitrary files to the CODESYS Web Server without authorization which may allow remote code execution.

A malicious user could overflow a buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.
April 5, 2017 Windows Exploits / Remote
7T Interactive Graphical SCADA System IGSSdataServer Remote Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow in IGSSdataServer by sending a malformed packet to the 12401/TCP port. April 18, 2011 Windows Exploits/Remote
7T Interactive Graphical SCADA System IGSSdataServer Remote Buffer Overflow Exploit Update This module exploits a remote stack-based buffer overflow in IGSSdataServer by sending a malformed packet to the 12401/TCP port. This version add CVE. May 25, 2011 Windows Exploits/Remote
7T Interactive Graphical SCADA System ODBC Server Remote Memory Corruption DoS This module exploits a memory corruption vulnerability in the IGSS ODBC Server by sending a malformed packet to the 20222/TCP port to crash the application. February 24, 2011 Windows Denial of Service/Remote
A-PDF WAV to MP3 Converter Buffer Overflow Exploit A-PDF WAV to MP3 Converter contains a buffer prone to exploitation via an crafted WAV file. August 19, 2010 Windows Exploits/Client Side
ABB MicroSCADA Wserver Buffer Overflow Exploit This vulnerability is a buffer overflow and allows remote attackers to execute arbitrary code on vulnerable installations of ABB MicroSCADA Wserver without authentication. The specific flaw exists within the wserver.exe component which listens on TCP port 12221. This component performs insufficient bounds checking on user-supplied data which results in stack buffer ovreflow. December 12, 2013 Windows Exploits/Remote
ABB Panel Builder bemodbus Heap Overflow Exploit ABB Panel Builder is prone to a Heap-Overflow when handling specially cracted .PBA files. September 11, 2018 Windows Exploits / Client Side
ABB Robot Communications Runtime Buffer Overflow Exploit A buffer overflow exists in a component of the Robot Communication Runtime used in some ABB programs for the communications to the IRC5, IRC5C, and IRC5P robot controllers. This version add CVE. June 24, 2012 Windows Exploits/Remote
ABBS Audio Media Player Buffer Overflow Exploit ABBS Audio Media Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in ABBS when handling .lst files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .lst file. August 2, 2013 Windows Exploits/Client Side
ACDSee Canvas wintab32 DLL Hijacking Exploit ACDSee Canvas is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .CVI file. December 5, 2010 Windows Exploits/Client Side
ACDSee FotoSlate dwmapi DLL Hijacking Exploit ACDSee FotoSlate is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .PLP file. September 7, 2011 Windows Exploits/Client Side
ACDSee FotoSlate PLP File Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing the "id" parameter in a Project (PLP) file. October 5, 2011 Windows Exploits/Client Side
ACDSee Photo Editor 2008 XMB File Buffer Overflow Exploit ACDSee Photo Editor is prone to a buffer-overflow vulnerability due to a boundary error when processing XBM image files. May 23, 2011 Windows Exploits/Client Side
ACDSee Products TIFF Buffer Overflow Exploit Multiple ACDSee products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks when processing a malformed TIF image. June 3, 2009 Windows Exploits/Client Side
ACDSee Products TIFF Buffer Overflow Exploit Update Multiple ACDSee products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks when processing a malformed TIFF image. This update adds support for older ACDSee versions. June 30, 2009 Windows Exploits/Client Side
ACDSee XPM File Handling Buffer Overflow Exploit This module exploits a vulnerability in ACDSee Products (ID_X.apl plugin). The vulnerability is caused due to boundary error in ID_X.apl within the processing of xpm files. This can be exploited to cause a stack-based buffer overflow when a specially crafted file is opened. February 26, 2008 Windows Exploits/Client Side
Achievo atksearch Cross Site Scripting Exploit A Reflected Cross Site Scripting vulnerability was found in the atksearch[contractnumber], atksearch_AE_customer[customer] and atksearchmode[contracttype] variables within the 'Organisation Contracts' administration page. This is because the application does not properly sanitise the users input. December 6, 2009 Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities
Acoustica Beatcraft BCPROJ Buffer Overflow Exploit Acoustica Beatcraft contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Acoustica Beatcraft when handling .BCPROJ files. September 28, 2008 Exploits/Client Side
Acoustica Mixcraft MX4 Buffer Overflow Exploit Acoustica Mixcraft is prone to a buffer-overflow vulnerability in the handling of .MX4 project files, because the application fails to bounds-check user-supplied data, before copying it into an insufficiently sized buffer. September 16, 2008 Windows Exploits/Client Side