exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 578 RSS Feed

Files from High-Tech Bridge SA

Real NameHigh-Tech Bridge SA
Email addressadvisory at htbridge.com
Websitewww.htbridge.com
First Active2010-04-20
Last Active2016-08-03
View User Profile

Personal Background

High-Tech Bridge SA (htbridge.com) provides businesses and organizations with world-class information security services. High-Tech Bridge Security Research Lab (unit of High-Tech Bridge's R&D Department) regularly releases HTB Advisories that are aimed to to help various software vendors to improve security of their products. High-Tech Bridge's auditors also try to share their knowledge with the industry by publishing White Papers on information security and ethical hacking topics.


WordPress Role Scoper 1.3.66 Cross Site Scripting
Posted Dec 2, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Role Scoper plugin version 1.3.66 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-8353
SHA-256 | d866c0ec123a8ab2510f8a5984126768307b9249a3f33cd386de677d9b02d160
Horde Groupware 5.2.10 Cross Site Request Forgery
Posted Nov 19, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-7984
SHA-256 | c4fc067423fe364eb06a86f8f53f8d241025ebcaec8ec8d5e2dbc2baea883140
Oxwall 1.7.4 Cross Site Request Forgery
Posted Oct 29, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Oxwall version 1.7.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-5534
SHA-256 | 88ada6ac426249e6a52b83bd212e37b27d3c0891970c6b58a7203e704fd03a16
SourceBans 1.4.11 Cross Site Scripting
Posted Oct 6, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

SourceBans version 1.4.11 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-8349
SHA-256 | 8bf06e8406bad27f08f2a97b4717d95fd3058836c68b4f936b0f9829a5665589
iTop 2.1.0-2127 Cross Site Scripting
Posted Sep 23, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

iTop version 2.1.0-2127 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6544
SHA-256 | f4b6534491d5293f2fea76c29c6b8aadee6b449a909842e6180df88d6e311a00
Cerb 7.0.3 Cross Site Request Forgery
Posted Sep 2, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Cerb version 7.0.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-6545
SHA-256 | c699a5692fdd4ddc1593268207023f7b4e79ce962b2ef31354be29390c9ad1a6
WordPress qTranslate 2.5.39 Cross Site Scripting
Posted Jul 30, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress qTranslate plugin version 2.5.39 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-5535
SHA-256 | 6b38b458046194ca8f416bd7697b504ba0c912914d24f7a36338e73ab0bef038
WordPress Paid Memberships Pro 1.8.4.2 Cross Site Scripting
Posted Jul 22, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Paid Memberships Pro plugin version 1.8.4.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-5532
SHA-256 | 410ccd42ad7f7fd44ee5b3408fbbe29164843761e90521e5e7335512139412ff
WordPress Count Per Day 3.4 SQL Injection
Posted Jul 22, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Count Per Day plugin version 3.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-5533
SHA-256 | f687e1b0d3ad51322c1b0413cd02097173f02fb47e8b268312c45c39c2901d6d
BlackCat CMS 1.1.1 Path Traversal
Posted Jul 3, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

BlackCat CMS version 1.1.1 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2015-5079
SHA-256 | eb9f1e40548399becf1773ae639850fb9aa7f0181124f0e7f395dcc0f08cb347
Vesta Control Panel 0.9.8 OS Command Injection
Posted Jun 17, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Vesta Control Panel version 0.9.8 suffers from an OS command injection vulnerability.

tags | exploit
advisories | CVE-2015-4117
SHA-256 | 8afef03dc758fc7e9258cea86f2165628c4ee859debcb92aa2ea90cfb8973453
SearchBlox 8.2 Cross Site Scripting
Posted Jun 17, 2015
Authored by High-Tech Bridge SA | Site htbridge.ch

SearchBlox version 8.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-3422
SHA-256 | c50cf93766fdeb247be5b7f551e3e1f70a06620929967b43da8b53e840f1e73c
PHP 5.6.9 Use-After-Free
Posted Jun 10, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered use-after-free vulnerability in a popular programming language PHP, which can be exploited to cause crash and possibly execute arbitrary code on the target system. The vulnerability resides within the 'spl_heap_object_free_storage()' PHP function when trying to dereference already freed memory. A local attacker can cause segmentation fault or possibly execute arbitrary code on the target system with privileges of webserver.

tags | exploit, arbitrary, local, php
SHA-256 | 97375f017fbc6339f20309d1873f364d4f4bb2e3171ae12a6883001f4efb66fc
ISPConfig 3.0.5.4p6 SQL Injection / Cross Site Request Forgery
Posted Jun 10, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

ISPConfig version 3.0.5.4p6 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
advisories | CVE-2015-4118, CVE-2015-4119
SHA-256 | 7b20edde24f0f1fb2d963049457764c5312fb3b6037c0261c180f81ce8d63252
Bonita BPM 6.5.1 Directory Traversal / Open Redirect
Posted Jun 10, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Bonita BPM version 6.5.1 suffers from open redirect and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
advisories | CVE-2015-3897, CVE-2015-3898
SHA-256 | 318aebbb7238bd95d83a383ed6cec374ab8164e93742363befdec484d42c0016
ResourceSpace 7.1.6513 Local File Inclusion
Posted Jun 3, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

ResourceSpace version 7.1.6513 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2015-3648
SHA-256 | 46b044d14179bda302739897595298f1156cad1c03bd441bd572c377ab5800bb
WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting
Posted May 21, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress WP Photo Album Plus plugin version 6.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-3647
SHA-256 | dc87e9e9a57eaba329f327e233795a7d58028430aed823b369b88e95f8d7eada
WordPress eShop 6.3.11 Code Execution
Posted May 6, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered a security vulnerability in the eShop WordPress Plugin, which can be exploited by remote attackers to overwrite arbitrary PHP variables within the context of the vulnerable application. The vulnerability exists due to insufficient validation of user-supplied input in the "eshopcart" HTTP cookie. Successful exploitation of this vulnerability may potentially result in arbitrary PHP code execution.

tags | exploit, remote, web, arbitrary, php, code execution
advisories | CVE-2015-3421
SHA-256 | b646ba90f83bf6fbf8ded5692dab800ca1dad5f780ce50ab36b9848e60d3f6b3
WordPress TheCartPress 1.3.9 XSS / Local File Inclusion
Posted Apr 29, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress TheCartPress plugin version 1.3.9 suffers from local file inclusion, improper access control, and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
advisories | CVE-2015-3300, CVE-2015-3301, CVE-2015-3302
SHA-256 | c7864d1f9f6c456cfb191d7c8ce59288c2188a532e7d7d1111c6f0c87c396032
FreePBX 12.0.43 Cross Site Scripting
Posted Apr 22, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

FreePBX version 12.0.43 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-2690
SHA-256 | d9d53b3b7599d87fc38d7ee9ff08ed12b0135076e823739c358307a8c50d03b8
pfSense 2.2 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 25, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

pfSense version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-2294, CVE-2015-2295
SHA-256 | 17f91d13806f834c29b1b913f8c480f5b36357931284cb1c6d8b791cd8c6f217
WordPress Huge IT Slider 2.6.8 SQL Injection
Posted Mar 12, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Huge IT Slider plugin version 2.6.8 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-2062
SHA-256 | d487e0003c0e5ec316459bb410463f9de01f0c445589e9b20e975c3af91e9f9e
My Little Forum 2.3.3 Cross Site Scripting / SQL Injection
Posted Feb 11, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

My Little Forum version 2.3.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2015-1434, CVE-2015-1435
SHA-256 | b05f17411f700d0b2f76037900c11e594d0b792dfad6ff722d528da0f71e7f65
WordPress Easing Slider 2.2.0.6 Cross Site Scripting
Posted Feb 11, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Easing Slider plugin version 2.2.0.6 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-1436
SHA-256 | bc06449f398ab083af89f8a2218533627ea9bb9b6dcf584267e80dbdac8f9c42
MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
Posted Jan 29, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2014-9571, CVE-2014-9572, CVE-2014-9573
SHA-256 | 66702fafa02a9dbc923285c073b3f395b675adad64da5dfa2394ca10e6440fd2
Page 2 of 24
Back12345Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close