High-Tech Bridge Security Advisories

While testing and developing various vulnerability detection algorithms of ImmuniWeb®, we discovered hundreds of vulnerabilities in the most popular commercial and open source web applications and frameworks:


559 Security Advisories Released
357 Vendors Released Patches
1073 Vulnerabilities Fixed

MS Sharepoint, Horde, DynamicsCRM, Bonitasoft, OSCommerce, Zencart, OpenX, osCmax, SugarCRM, Magento, OrangeHRM, Mantis, Wordpress, Joomla, MODX, Bitrix


SQL Injection in Е2
Advisory ID: HTB23222
Last Change: July 23, 2014
CVE Reference: CVE-2014-4736
Vulnerable Version: v2844
Risk Level: High

Reflected Cross-Site Scripting (XSS) in e107
Advisory ID: HTB23220
Last Change: July 16, 2014
CVE Reference: CVE-2014-4734
Vulnerable Version: 2.0 alpha2
Risk Level: Low

Cross-Site Request Forgery (CSRF) in Kanboard
Advisory ID: HTB23217
Last Change: July 2, 2014
CVE Reference: CVE-2014-3920
Vulnerable Version: 1.0.5
Risk Level: Medium

Unrestricted Upload of File with Dangerous Type in BoltWire
Advisory ID: HTB23218
Last Change: July 2, 2014
CVE Reference: CVE-2014-4169
Vulnerable Version: 4.10
Risk Level: Critical

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite
Advisory ID: HTB23215
Last Change: June 25, 2014
CVE Reference: CVE-2014-3737
Vulnerable Version: 7
Risk Level: Medium

Multiple SQL Injection Vulnerabilities in web2Project
Advisory ID: HTB23213
Last Change: June 18, 2014
CVE Reference: CVE-2014-3119
Vulnerable Version: 3.1
Risk Level: High

SQL Injection in Dolphin
Advisory ID: HTB23216
Last Change: June 18, 2014
CVE Reference: CVE-2014-3810
Vulnerable Version: 7.1.4
Risk Level: Medium

Multiple vulnerabilities in Sharetronix
Advisory ID: HTB23214
Last Change: May 28, 2014
CVE References: CVE-2014-3414, CVE-2014-3415
Vulnerable Version: 3.3
Risk Level: High

Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel
Advisory ID: HTB23200
Last Change: May 16, 2014
CVE Reference: CVE-2014-1855
Vulnerable Version: 3.4.0
Risk Level: Medium

CSRF and Remote Code Execution in EGroupware
Advisory ID: HTB23212
Last Change: May 14, 2014
CVE References: CVE-2014-2987, CVE-2014-2988
Vulnerable Version: 1.8.006 community edition
Risk Level: High