SearchSecurity Blog
May 25, 2017
May 23, 2017
May 18, 2017
May 16, 2017
May 11, 2017
High-Tech Bridge Security Advisories
| 559 Security Advisories Released | 357 Vendors Released Patches | 1073 Vulnerabilities Fixed |
Search
Remote Code Execution in Roundcube Advisory ID: HTB23283
Last Change: January 13, 2016
Vulnerable Version: 1.1.3
Risk Level: Medium
Last Change: January 13, 2016
| CVE Reference: | CVE-2015-8770 |
Risk Level: Medium
Two CSRF Vulnerabilities in Magento Advisory ID: HTB23270
Last Change: December 21, 2015
Vulnerable Version: 1.9.2.1
Risk Level: Medium
Last Change: December 21, 2015
| CVE Reference: | Assigned [To be disclosed on May 31, 2017] |
Risk Level: Medium
SQL Injection in orion.extfeedbackform Bitrix Module Advisory ID: HTB23280
Last Change: December 16, 2015
Vulnerable Version: 2.1.2
Risk Level: Medium
Last Change: December 16, 2015
| CVE Reference: | CVE-2015-8355 |
Risk Level: Medium
RCE in Zen Cart via Arbitrary File Inclusion Advisory ID: HTB23282
Last Change: December 16, 2015
Vulnerable Version: 1.5.4
Risk Level: Critical
Last Change: December 16, 2015
| CVE Reference: | CVE-2015-8352 |
Risk Level: Critical
Path Traversal via CSRF in bitrix.xscan Bitrix Module Advisory ID: HTB23278
Last Change: December 9, 2015
Vulnerable Version: 1.0.3
Risk Level: Medium
Last Change: December 9, 2015
| CVE Reference: | CVE-2015-8357 |
Risk Level: Medium
PHP File Inclusion in bitrix.mpbuilder Bitrix Module Advisory ID: HTB23281
Last Change: December 9, 2015
Vulnerable Version: 1.0.10
Risk Level: Critical
Last Change: December 9, 2015
| CVE Reference: | CVE-2015-8358 |
Risk Level: Critical
Reflected XSS in Role Scoper WordPress Plugin Advisory ID: HTB23276
Last Change: November 19, 2015
Vulnerable Version: 1.3.66
Risk Level: Medium
Last Change: November 19, 2015
| CVE Reference: | CVE-2015-8353 |
Risk Level: Medium
Reflected XSS in Ultimate Member WordPress Plugin Advisory ID: HTB23277
Last Change: November 19, 2015
Vulnerable Version: 1.3.28
Risk Level: Medium
Last Change: November 19, 2015
| CVE Reference: | CVE-2015-8354 |
Risk Level: Medium
RCE and SQL injection via CSRF in Horde Groupware Advisory ID: HTB23272
Last Change: November 18, 2015
Vulnerable Version: 5.2.10
Risk Level: High
Last Change: November 18, 2015
| CVE Reference: | CVE-2015-7984 |
Risk Level: High
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin Advisory ID: HTB23274
Last Change: November 4, 2015
Vulnerable Version: 2.4.3
Risk Level: Medium
Last Change: November 4, 2015
| CVE Reference: | CVE-2015-8350 |
Risk Level: Medium