what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 578 RSS Feed

Files from High-Tech Bridge SA

Real NameHigh-Tech Bridge SA
Email addressadvisory at htbridge.com
Websitewww.htbridge.com
First Active2010-04-20
Last Active2016-08-03
View User Profile

Personal Background

High-Tech Bridge SA (htbridge.com) provides businesses and organizations with world-class information security services. High-Tech Bridge Security Research Lab (unit of High-Tech Bridge's R&D Department) regularly releases HTB Advisories that are aimed to to help various software vendors to improve security of their products. High-Tech Bridge's auditors also try to share their knowledge with the industry by publishing White Papers on information security and ethical hacking topics.


Atutor 2.2.1 Path Traversal
Posted Aug 3, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Atutor version 2.2.1 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 7d2dc31a94a36d60ffffd314cd5eefeb8657f7e9d1c878147cc716b00e4d2e23
GLPI 0.90.2 SQL Injection
Posted Apr 29, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

GLPI version 0.90.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0a52a7fa8c4afcded04b0fa0b0ab812aee4b472f7d4fb50e3c3e6e43d1e28060
phpMyFAQ 2.8.26 / 2.9.0-RC2 Cross Site Request Forgery
Posted Apr 20, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

phpMyFAQ versions 2.8.26 and 2.9.0-RC2 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b4b19a666863c0731be2d532693b5b2ccf810e9441b2e6245193a4737cfe146a
Webligo SocialEngine 4.8.9 SQL Injection
Posted Apr 6, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Webligo SocialEngine version 4.8.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 23d7b324c1f00d120d482272b68f715bc252d57f6a4a0e8541edcafd5c706d24
CubeCart 6.0.10 CSRF / XSS / SQL Injection
Posted Mar 30, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

CubeCart version 6.0.10 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 3dca54cdd3a351d32b94d67ca282145aea98405b953947e783751533ae0c5b89
WebsiteBaker CMS 2.8.3-SP5 SQL Injection
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

WebsiteBaker CMS version 2.8.3-SP5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d8c88cbdb9744e1a26af7b80ce4fe6fe1b5c53888b9441fc5f1c76364d300b27
Dating Pro Genie 2015.7 Cross Site Request Forgery
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered multiple cross site request forgery (CSRF) vulnerabilities in a popular dating social network Dating Pro. A remote unauthenticated attacker can perform CSRF attacks to change administrator's credentials and execute arbitrary system commands. Successful exploitation of the vulnerability may allow attacker to gain complete control over the vulnerable website, all its users and databases. suffers from a cross site request forgery vulnerability.

tags | exploit, remote, arbitrary, vulnerability, csrf
SHA-256 | 9b0685fd87ae9a98fe16f9d776280dfa8f697c3ea2872fce79f19f41bb912245
iTop 2.2.1 Cross Site Request Forgery
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered a remote code execution vulnerability in iTop that is exploitable via cross site request forgery flaw that is also present in the application. The vulnerability exists due to absence of validation of HTTP request origin in "/env-production/itop-config/config.php" script, as well as lack of user-input sanitization received via "new_config" HTTP POST parameter.

tags | exploit, remote, web, php, code execution, csrf
SHA-256 | 2a57050bf2377c2df7b28c31e707efa2cf5ea74cb641059629604c7bdc0bd715
WeBid 1.1.2P2 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

WeBid version 1.1.2P2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c445d18ff897468b32229c61b93169d17ee6ba88ec405da9f786b7a7906b6fd
webSPELL 4.2.4 Cross Site Request Forgery / SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

webSPELL version 4.2.4 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 2291468cde58eae41054890b9e25d4217654ae9d0f8b7b9e749e1192bdcd7e44
DOKEOS ce30 Authentication Bypass
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

DOKEOS version ce30 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | e0d80f4d11e0f37a08bd45c5adf3616f68bc949b8f350966e67ed9a9b99c6a86
TestLink 1.9.14 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

TestLink version 1.9.14 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 91d1c80956419cb3834dcfcd444983fe9cb7d79deae450a0f99e91da4a1bf961
Osclass 3.5.9 SQL Injection
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Osclass version 3.5.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1873a8e1196208b1b465380f46ad84e72520251b671aaa4c7dd577b9cff925a1
osCmax 2.5.4 Code Execution / CSRF / Local File Inclusion
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

osCmax version 2.5.4 suffers from code execution, cross site request forgery, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, file inclusion, csrf
SHA-256 | 4ad8190811bf2819eca13b86515ec3b6f35acf38818dc02e5c40e799d449f463
osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery
Posted Feb 18, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

osCommerce version 2.3.4 suffers from cross site request forgery and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, csrf
SHA-256 | 0590c4c85647c5c0a02e877aee9bff53f2ee293542d8d20f50cdb9048d52be0f
Exponent 2.3.7 PHP Code Execution
Posted Feb 11, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Exponent version 2.3.7 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-2242
SHA-256 | c860521e13cb68a7d5e2065b83c714419c3402786742f17f19e96a31700e22cc
Roundcube 1.1.3 Path Traversal
Posted Jan 15, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Roundcube version 1.1.3 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2015-8770
SHA-256 | 6551689ab0f8ab20c15662733c86a38c232df6050526b42e48f077a5a32b41e9
Bitrix mcart.xls 6.5.2 SQL Injection
Posted Jan 14, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

Bitrix mcart.xls module versions 6.5.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-8356
SHA-256 | 8efe216bb027ca8ee0be2bd4f6ef7d3c48d026ab18f0d7d086a6662a3f8f1bdf
Zen Cart 1.5.4 Local File Inclusion
Posted Dec 17, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Zen Cart version 1.5.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2015-8352
SHA-256 | 90d80bdc3f4d66ab1dcd931c5b4166fa1f6e20341a15274d3e8539e3d3478f36
orion.extfeedbackform Bitrix Module 2.1.2 CSRF / SQL Injection
Posted Dec 17, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

orion.extfeedbackform Bitrix module version 2.1.2 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
advisories | CVE-2015-8355
SHA-256 | eec9e7b4e30ebc71c095aa906c94d9c357af287f4a471dcf8ae2f104b0c822cd
bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion
Posted Dec 11, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

bitrix.mpbuilder Bitrix module version 1.0.10 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2015-8358
SHA-256 | d688c669bf51931323bfe010133ed5178c3bc69c4822fcbcef048fa6af5234b7
bitrix.scan Bitrix 1.0.3 Path Traversal
Posted Dec 11, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2015-8357
SHA-256 | 2597e943c082033362d873c1d67295bf6b0ccf2722b1674c326fb2f013ae86ce
WordPress Ultimate Member 1.3.28 Cross Site Scripting
Posted Dec 2, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Ultimate Member plugin version 1.3.28 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-8354
SHA-256 | c9ca3677fefabf989d98e6f46a693b4109c606008e37ba14df6bb66e353e939a
WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion
Posted Dec 2, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Gwolle Guestbook plugin version 1.5.3 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
advisories | CVE-2015-8351
SHA-256 | 3c508424a14bf87d47e47bf3940ce3c2b33f80a60247374cd2b38c3dc9e2cd63
WordPress Calls To Action 2.4.3 Cross Site Scripting
Posted Dec 2, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Calls to Action plugin version 2.4.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-8350
SHA-256 | 458830b56600d9f6b97ed18aa8b64a58c79fa0079b1d611d70b3c7fd209bdca2
Page 1 of 24
Back12345Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close