San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register
ImmuniWeb® by High-Tech Bridge

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

High-Tech Bridge Security Advisories

Security Advisories
Released Patches


SQL Injection in Count Per Day WordPress Plugin Advisory ID: HTB23267
Last Change: July 22, 2015
CVE Reference: CVE-2015-5533
Vulnerable Version: 3.4
Risk Level: Medium

Path Traversal in BlackCat CMS Advisory ID: HTB23263
Last Change: July 1, 2015
CVE Reference: CVE-2015-5079
Vulnerable Version: 1.1.1
Risk Level: High

Reflected Cross-Site Scripting (XSS) in SearchBlox Advisory ID: HTB23256
Last Change: June 17, 2015
CVE Reference: CVE-2015-3422
Vulnerable Version: 8.2
Risk Level: Low

OS Command Injection in Vesta Control Panel Advisory ID: HTB23261
Last Change: June 17, 2015
CVE Reference: CVE-2015-4117
Vulnerable Version: 0.9.8
Risk Level: Critical

Arbitrary File Disclosure and Open Redirect in Bonita BPM Advisory ID: HTB23259
Last Change: June 10, 2015
CVE References: CVE-2015-3897
Vulnerable Version: 6.5.1 and probably prior
Risk Level: High

Multiple Vulnerabilities in ISPConfig Advisory ID: HTB23260
Last Change: June 10, 2015
CVE References: CVE-2015-4118
Vulnerable Version:
Risk Level: High

Use-After-Free in PHP Advisory ID: HTB23262
Last Change: June 10, 2015
CVE Reference: CVE-2015-4116
Vulnerable Version: 5.6.9
Risk Level: Medium

Local PHP File Inclusion in ResourceSpace Advisory ID: HTB23258
Last Change: June 3, 2015
CVE Reference: CVE-2015-3648
Vulnerable Version: 7.1.6513
Risk Level: High

Stored XSS in WP Photo Album Plus WordPress Plugin Advisory ID: HTB23257
Last Change: May 20, 2015
CVE Reference: CVE-2015-3647
Vulnerable Version: 6.1.2
Risk Level: Medium

Arbitrary Variable Overwrite in eShop WordPress Plugin Advisory ID: HTB23255
Last Change: May 6, 2015
CVE Reference: CVE-2015-3421
Vulnerable Version: 6.3.11
Risk Level: Medium