San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

High-Tech Bridge Security Advisories

Security Advisories
Released Patches


RCE in Zen Cart via Arbitrary File Inclusion Advisory ID: HTB23282
Last Change: December 16, 2015
CVE Reference: CVE-2015-8352
Vulnerable Version: 1.5.4
Risk Level: Critical
Path Traversal via CSRF in bitrix.xscan Bitrix Module Advisory ID: HTB23278
Last Change: December 9, 2015
CVE Reference: CVE-2015-8357
Vulnerable Version: 1.0.3
Risk Level: Medium
PHP File Inclusion in bitrix.mpbuilder Bitrix Module Advisory ID: HTB23281
Last Change: December 9, 2015
CVE Reference: CVE-2015-8358
Vulnerable Version: 1.0.10
Risk Level: Critical
Reflected XSS in Role Scoper WordPress Plugin Advisory ID: HTB23276
Last Change: November 19, 2015
CVE Reference: CVE-2015-8353
Vulnerable Version: 1.3.66
Risk Level: Medium
Reflected XSS in Ultimate Member WordPress Plugin Advisory ID: HTB23277
Last Change: November 19, 2015
CVE Reference: CVE-2015-8354
Vulnerable Version: 1.3.28
Risk Level: Medium
RCE and SQL injection via CSRF in Horde Groupware Advisory ID: HTB23272
Last Change: November 18, 2015
CVE Reference: CVE-2015-7984
Vulnerable Version: 5.2.10
Risk Level: High
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin Advisory ID: HTB23274
Last Change: November 4, 2015
CVE Reference: CVE-2015-8350
Vulnerable Version: 2.4.3
Risk Level: Medium
Remote File Inclusion in Gwolle Guestbook WordPress Plugin Advisory ID: HTB23275
Last Change: November 4, 2015
CVE Reference: CVE-2015-8351
Vulnerable Version: 1.5.3
Risk Level: Critical
Cross-Site Request Forgery on Oxwall Advisory ID: HTB23266
Last Change: October 22, 2015
CVE Reference: CVE-2015-5534
Vulnerable Version: 1.7.4
Risk Level: High
Reflected Cross-Site Scripting (XSS) in SourceBans Advisory ID: HTB23273
Last Change: October 22, 2015
CVE Reference: CVE-2015-8349
Vulnerable Version: 1.4.11
Risk Level: Medium