December 7, 2017
December 5, 2017
November 30, 2017
November 28, 2017
November 23, 2017
Multiple SQL Injections in Open Source Bike Share
|Product:||Open Source Bike Share|
|Vendor:||Open Source Bike Share|
|Vulnerable Versions:||16.09.15 and probably prior|
|Advisory Publication:||September 16, 2015 [without technical details]|
|Vendor Notification:||September 16, 2015|
|Public Disclosure:||December 20, 2017|
|Latest Update:||September 27, 2016|
|Vulnerability Type:||SQL Injection [CWE-89]|
|CVE Reference:||Assigned [To be disclosed on December 20, 2017]|
|CVSSv3 Base Score:||To be disclosed on December 20, 2017|
|Discovered and Provided:||High-Tech Bridge Security Research Lab|
To be disclosed on December 20, 2017 [Disclosure Policy]
|Vendor notified, awaiting vendor solution.|
| High-Tech Bridge Advisory HTB23271 - https://www.htbridge.com/advisory/HTB23271 - Multiple SQL Injections in Open Source Bike Share.|
 Open Source Bike Share - http://OpenSourceBikeShare.com - The world's first low-cost and open source bike sharing system.
 Common Vulnerabilities and Exposures (CVE) - http://cve.mitre.org/ - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.
 Common Weakness Enumeration (CWE) - http://cwe.mitre.org - targeted to developers and security practitioners, CWE is a formal list of software weakness types.
 ImmuniWeb® - Leveraging the power of machine-learning and genius of human brain to deliver the most advanced web application security and penetration testing.
 Free SSL/TLS Server test - Test SSL/TLS encryption reliability and security of your web or email server, verify compliance with PCI DSS, HIPAA and NIST.