High-Tech Bridge Security Advisories
While testing and developing various vulnerability detection algorithms of ImmuniWeb®, we discovered hundreds of vulnerabilities in the most popular commercial and open source web applications and frameworks:
559 Security Advisories Released | 357 Vendors Released Patches | 1073 Vulnerabilities Fixed










Multiple SQL Injection Vulnerabilities in mcart.xls Bitrix Module
Advisory ID: HTB23279
Last Change: January 13, 2016
Vulnerable Version: 6.5.2
CVE Reference: CVE-2015-8356
Risk Level: Medium

Remote Code Execution in Roundcube
Advisory ID: HTB23283
Last Change: January 13, 2016
Vulnerable Version: 1.1.3
CVE Reference: CVE-2015-8770
Risk Level: Medium

SQL Injection in orion.extfeedbackform Bitrix Module
Advisory ID: HTB23280
Last Change: December 16, 2015
Vulnerable Version: 2.1.2
CVE Reference: CVE-2015-8355
Risk Level: Medium

RCE in Zen Cart via Arbitrary File Inclusion
Advisory ID: HTB23282
Last Change: December 16, 2015
Vulnerable Version: 1.5.4
CVE Reference: CVE-2015-8352
Risk Level: Critical

Path Traversal via CSRF in bitrix.xscan Bitrix Module
Advisory ID: HTB23278
Last Change: December 9, 2015
Vulnerable Version: 1.0.3
CVE Reference: CVE-2015-8357
Risk Level: Medium

PHP File Inclusion in bitrix.mpbuilder Bitrix Module
Advisory ID: HTB23281
Last Change: December 9, 2015
Vulnerable Version: 1.0.10
CVE Reference: CVE-2015-8358
Risk Level: Critical

Reflected XSS in Role Scoper WordPress Plugin
Advisory ID: HTB23276
Last Change: November 19, 2015
Vulnerable Version: 1.3.66
CVE Reference: CVE-2015-8353
Risk Level: Medium

Reflected XSS in Ultimate Member WordPress Plugin
Advisory ID: HTB23277
Last Change: November 19, 2015
Vulnerable Version: 1.3.28
CVE Reference: CVE-2015-8354
Risk Level: Medium

RCE and SQL injection via CSRF in Horde Groupware
Advisory ID: HTB23272
Last Change: November 18, 2015
Vulnerable Version: 5.2.10
CVE Reference: CVE-2015-7984
Risk Level: High

Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin
Advisory ID: HTB23274
Last Change: November 4, 2015
Vulnerable Version: 2.4.3
CVE Reference: CVE-2015-8350
Risk Level: Medium
