San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register
ImmuniWeb® by High-Tech Bridge

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

High-Tech Bridge Security Advisories

Security Advisories
Released Patches


Cross-Site Request Forgery on Oxwall Advisory ID: HTB23266
Last Change: October 22, 2015
CVE Reference: CVE-2015-5534
Vulnerable Version: 1.7.4
Risk Level: High

Reflected Cross-Site Scripting (XSS) in SourceBans Advisory ID: HTB23273
Last Change: October 22, 2015
CVE Reference: CVE-2015-8349
Vulnerable Version: 1.4.11
Risk Level: Medium

Reflected Cross-Site Scripting (XSS) in iTop Advisory ID: HTB23268
Last Change: September 23, 2015
CVE Reference: CVE-2015-6544
Vulnerable Version: 2.1.0-2127
Risk Level: Medium

Multiple SQL Injections in Open Source Bike Share Advisory ID: HTB23271
Last Change: September 16, 2015
CVE Reference: Assigned [To be disclosed on December 9, 2015]
Vulnerable Version: 16.09.15
Risk Level: High

Two CSRF Vulnerabilities in Magento Advisory ID: HTB23270
Last Change: September 7, 2015
CVE Reference: Assigned [To be disclosed on December 16, 2015]
Vulnerable Version:
Risk Level: Medium

Cross-Site Request Forgery in Cerb Advisory ID: HTB23269
Last Change: September 2, 2015
CVE Reference: CVE-2015-6545
Vulnerable Version: 7.0.3
Risk Level: Medium

Cross-Site Scripting (XSS) in qTranslate WordPress Plugin Advisory ID: HTB23265
Last Change: July 29, 2015
CVE Reference: CVE-2015-5535
Vulnerable Version: 2.5.39
Risk Level: Medium

Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin Advisory ID: HTB23264
Last Change: July 22, 2015
CVE Reference: CVE-2015-5532
Vulnerable Version:
Risk Level: Medium

SQL Injection in Count Per Day WordPress Plugin Advisory ID: HTB23267
Last Change: July 22, 2015
CVE Reference: CVE-2015-5533
Vulnerable Version: 3.4
Risk Level: Medium

Path Traversal in BlackCat CMS Advisory ID: HTB23263
Last Change: July 1, 2015
CVE Reference: CVE-2015-5079
Vulnerable Version: 1.1.1
Risk Level: High