Free Trial
Security Blog
Application Security Weekly Review, Week 8 2019
February 22, 2019
Application Security Weekly Review, Week 7 2019
February 15, 2019
Application Security Weekly Review, Week 6 2019
February 8, 2019
Top 10 most popular CMS under attack in 2018
February 5, 2019
Application Security Weekly Review, Week 5 2019
February 1, 2019
News and press releases
High-Tech Bridge named Innovator by SC Media Reboot 18
January 10, 2019
IDC names High-Tech Bridge a Mobile App Security Testing Innovator
December 19, 2018
Paul Wang joins High-Tech Bridge’s Advisory Board
November 1, 2018
High-Tech Bridge to Leverage AI and Big Data to Map Application Security Risks and Threats
October 24, 2018
High-Tech Bridge to Uberize AI for Application Security Testing
October 17, 2018
Stay in Touch

Application security insights and invitations to exclusive events in your inbox


Your data will stay confidential Private and Confidential

High-Tech Bridge > Security Advisories > Page 3

High-Tech Bridge Security Advisories

While testing and developing various vulnerability detection algorithms of ImmuniWeb®, we discovered hundreds of vulnerabilities in the most popular commercial and open source web applications and frameworks:


559
Security Advisories
Released
 357
Vendors
Released Patches
 1073
Vulnerabilities
Fixed
MS Sharepoint
Horde
DynamicsCRM
Bonitasoft
OSCommerce
Zencart
OpenX
osCmax
SugarCRM
Magento
OrangeHRM
Mantis
Wordpress
Joomla
MODX
Bitrix

Search

Multiple SQL Injection Vulnerabilities in mcart.xls Bitrix Module Advisory ID: HTB23279
Last Change: January 13, 2016
CVE Reference: CVE-2015-8356
Vulnerable Version: 6.5.2
Risk Level: Medium
Remote Code Execution in Roundcube Advisory ID: HTB23283
Last Change: January 13, 2016
CVE Reference: CVE-2015-8770
Vulnerable Version: 1.1.3
Risk Level: Medium
SQL Injection in orion.extfeedbackform Bitrix Module Advisory ID: HTB23280
Last Change: December 16, 2015
CVE Reference: CVE-2015-8355
Vulnerable Version: 2.1.2
Risk Level: Medium
RCE in Zen Cart via Arbitrary File Inclusion Advisory ID: HTB23282
Last Change: December 16, 2015
CVE Reference: CVE-2015-8352
Vulnerable Version: 1.5.4
Risk Level: Critical
Path Traversal via CSRF in bitrix.xscan Bitrix Module Advisory ID: HTB23278
Last Change: December 9, 2015
CVE Reference: CVE-2015-8357
Vulnerable Version: 1.0.3
Risk Level: Medium
PHP File Inclusion in bitrix.mpbuilder Bitrix Module Advisory ID: HTB23281
Last Change: December 9, 2015
CVE Reference: CVE-2015-8358
Vulnerable Version: 1.0.10
Risk Level: Critical
Reflected XSS in Role Scoper WordPress Plugin Advisory ID: HTB23276
Last Change: November 19, 2015
CVE Reference: CVE-2015-8353
Vulnerable Version: 1.3.66
Risk Level: Medium
Reflected XSS in Ultimate Member WordPress Plugin Advisory ID: HTB23277
Last Change: November 19, 2015
CVE Reference: CVE-2015-8354
Vulnerable Version: 1.3.28
Risk Level: Medium
RCE and SQL injection via CSRF in Horde Groupware Advisory ID: HTB23272
Last Change: November 18, 2015
CVE Reference: CVE-2015-7984
Vulnerable Version: 5.2.10
Risk Level: High
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin Advisory ID: HTB23274
Last Change: November 4, 2015
CVE Reference: CVE-2015-8350
Vulnerable Version: 2.4.3
Risk Level: Medium
12345678910...56
Free Application Discovery
Learn More
Technology
ImmuniWeb® AI
Free Trial
Prices
ImmuniWeb® AI
Buy Now
Trial
High-Tech Bridge on Facebook High-Tech Bridge on Twitter High-Tech Bridge on LinkedIn High-Tech Bridge RSS Feeds Send by Email
Share

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Accept
Let's Talk
We are here to help _
Your business location: United States - English
Call us

We are here during standard business hours

+41 (22) 723 24 24 - Switzerland
+1 (415) 659 18 61 - US
Email us

We will back to your in one business day

Send us your question