Stay in touch with us: Facebook | Twitter | LinkedIn | Newsletter
ImmuniWeb® by High-Tech Bridge

High-Tech Bridge Newsletter

Subscribe to our newsletter and receive some or all of our corporate news, invitations to security events or HTB Security Advisories – you choose what you want to receive.

High-Tech Bridge Security Advisories

Almost every week High-Tech Bridge's security experts discover new vulnerabilities in popular software, helping software companies and vendors to improve security and reliability of their products. Above 300 major vendors fixed security vulnerabilities thanks to High-Tech Bridge's security advisories:

520 Security Advisories
325 Vendors
Released Patches
1020 Vulnerabilities


Use-After-Free in PHP Advisory ID: HTB23262
Last Change: May 20, 2015
Vulnerable Version: 5.6.9
Risk Level: Medium

OS Command Injection in Vesta Control Panel Advisory ID: HTB23261
Last Change: May 20, 2015
Vulnerable Version: 0.9.8
Risk Level: Critical

Multiple Vulnerabilities in ISPConfig Advisory ID: HTB23260
Last Change: May 20, 2015
Vulnerable Version:
Risk Level: High

Stored XSS in WP Photo Album Plus WordPress Plugin Advisory ID: HTB23257
Last Change: May 20, 2015
CVE Reference: CVE-2015-3647
Vulnerable Version: 6.1.2
Risk Level: Medium

Arbitrary File Disclosure and Open Redirect in Bonita BPM Advisory ID: HTB23259
Last Change: May 7, 2015
CVE References: Assigned [To be disclosed on May 28, 2015]
Vulnerable Version: 6.5.1 and probably prior
Risk Level: High

Local PHP File Inclusion in ResourceSpace Advisory ID: HTB23258
Last Change: May 6, 2015
CVE Reference: Assigned [To be disclosed on June 3, 2015]
Vulnerable Version: 7.1.6513
Risk Level: High

Arbitrary Variable Overwrite in eShop WordPress Plugin Advisory ID: HTB23255
Last Change: May 6, 2015
CVE Reference: CVE-2015-3421
Vulnerable Version: 6.3.11
Risk Level: Medium

Multiple Vulnerabilities in TheCartPress WordPress plugin Advisory ID: HTB23254
Last Change: April 29, 2015
CVE References: CVE-2015-3301
Vulnerable Version: 1.3.9
Risk Level: High

Reflected Cross-Site Scripting (XSS) in SearchBlox Advisory ID: HTB23256
Last Change: April 22, 2015
CVE Reference: Assigned [To be disclosed on June 15, 2015]
Vulnerable Version: 8.2
Risk Level: Low

Multiple Cross-Site Scripting (XSS) in FreePBX Advisory ID: HTB23253
Last Change: April 22, 2015
CVE Reference: CVE-2015-2690
Vulnerable Version: 12.0.43
Risk Level: Low