ImmuniWeb® by High-Tech Bridge

High-Tech Bridge Security Advisories

The vulnerabilities that our security researchers discover almost every week help software vendors improve the security and reliability of their products. More than 300 large vendors have fixed security vulnerabilities thanks to High-Tech Bridge Security Research Lab, including Microsoft, IBM, Novell, McAfee, Sony, HP, Samsung, PHP, OpenOffice, Corel, WordPress, Joomla, OpenX, SugarCRM, MantisBT, e107, MODX, Bitrix, pfSense, OrangeHRM, vtiger, XOOPS, LibreOffice, UMI.CMS, ImageCMS, FreePBX, PHPList, Revive, EGroupware and many others.

513 Security Advisories
323 Vendors
Released Patches
1012 Vulnerabilities


Reflected Cross-Site Scripting (XSS) in BlackCat CMS
Advisory ID: HTB23228
Last Change: September 3, 2014
CVE Reference: CVE-2014-5259
Vulnerable Version: 1.0.3
Risk Level: Medium

SQL Injection Vulnerability in ArticleFR
Advisory ID: HTB23225
Last Change: August 20, 2014
CVE Reference: CVE-2014-5097
Vulnerable Version: 3.0.4
Risk Level: High

Reflected Cross-Site Scripting (XSS) in Jamroom
Advisory ID: HTB23224
Last Change: August 13, 2014
CVE Reference: CVE-2014-5098
Vulnerable Version: 5.2.6
Risk Level: Medium

Improper Access Control in ArticleFR
Advisory ID: HTB23219
Last Change: July 30, 2014
CVE Reference: CVE-2014-4170
Vulnerable Version: 11.06.2014
Risk Level: High

SQL Injection in Е2
Advisory ID: HTB23222
Last Change: July 23, 2014
CVE Reference: CVE-2014-4736
Vulnerable Version: v2844
Risk Level: High

Reflected Cross-Site Scripting (XSS) in e107
Advisory ID: HTB23220
Last Change: July 16, 2014
CVE Reference: CVE-2014-4734
Vulnerable Version: 2.0 alpha2
Risk Level: Low

Cross-Site Request Forgery (CSRF) in Kanboard
Advisory ID: HTB23217
Last Change: July 2, 2014
CVE Reference: CVE-2014-3920
Vulnerable Version: 1.0.5
Risk Level: Medium

Unrestricted Upload of File with Dangerous Type in BoltWire
Advisory ID: HTB23218
Last Change: July 2, 2014
CVE Reference: CVE-2014-4169
Vulnerable Version: 4.10
Risk Level: Critical

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite
Advisory ID: HTB23215
Last Change: June 25, 2014
CVE Reference: CVE-2014-3737
Vulnerable Version: 7
Risk Level: Medium

Multiple SQL Injection Vulnerabilities in web2Project
Advisory ID: HTB23213
Last Change: June 18, 2014
CVE Reference: CVE-2014-3119
Vulnerable Version: 3.1
Risk Level: High