| Real Name | High-Tech Bridge SA |
|---|---|
| Email address | advisory at htbridge.com |
| Website | www.htbridge.com |
| First Active | 2010-04-20 |
| Last Active | 2016-08-03 |
Burden version 1.8 has an authentication flaw that can be exploited by a remote non-authenticated attacker to gain administrative access.
37b074fcfd1268b4c2a6f2caa51871c515255ca4a95d417dbb255ba1040e51e3Horizon QCMS version 4.0 suffers from remote SQL injection and directory traversal vulnerabilities.
c4a8ec5246cde659f575cae4546093150061579f6c6c6713fe4b0a2f20435884eduTrac version 1.1.1-Stable suffers from a path traversal vulnerability.
bbcbaefdf98a4264b09bcb1efd2aa0a1ddc9ac5a1377f6110a0313dee9cdb58cWordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.
00c782cd1bf296e3d433962ceb1d7976f641f78821242d9e2dcb9de59a95273cAskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.
83e2b745be93d36c6d8f251eb3ff8e050c3d08d2693edf4929bbd4bd6f6b2a97WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability.
f8840c091172531deddf4652fb5f9157003d57aa86d4e8c7c034f771605b859bMijoSearch Joomla plugin version 2.0.1 suffers from cross site scripting and information exposure vulnerabilities.
d49e666e31077ef43eaa1eb6dbab55cff4939a0e26917bfbac6027959838f389High-Tech Bridge Security Research Lab discovered a vulnerability in Bitrix Site Manager version 12.5.13 that can be exploited to spoof a user's identity and read, modify or delete pre-ordered items in customer's basket.
df32b7608aa8097f5c204ce23131150794fa4c21f8a3007af5bab1d3219dd012InstantCMS version 1.10.3 suffers from a remote SQL injection vulnerability.
23828f2ece7ce5ee132cb50ec95a38c18e45a28fd502c207d11da99c50075f63Jamroom version 5.0.2 suffers from a cross site scripting vulnerability.
69198ff23705681ef817fddb29ab688a6d071258cfde047842f9549a92f07f01Chamilo LMS version 1.9.6 suffers from a remote SQL injection vulnerability.
36e173b2be5a99350bc8b86a9eefbb79333880193bd30a896bc223fd6a58374dDokeos version 2.2 RC2 suffers from a remote SQL injection vulnerability.
1c90844d11a66c66cf2d6b5c646d4bea3595686b9a756b41e2e610d39e08eff4Claroline version 1.11.8 suffers from multiple cross site scripting vulnerabilities.
2d1b2ef9c175f2f82b0ed223a879bb779fccc661cedf88f4043404645de074afWordPress Tweet Blender plugin version 4.0.1 suffers from a cross site scripting vulnerability.
7dd056ebf7a017614701914e9d8cdf3368acf8be185e3d65dc66b408e337e672Zikula version 1.3.5 build 20 suffers from a cross site scripting vulnerability.
d4aa7a019d25c876743342db6f2f79b44ee7b8795498b59486f415c5a8de7698appRain version 3.0.2 suffers from a remote SQL injection vulnerability.
c9b7309b9491bac7d77ccf7c949a6825fbdcd06cedb8d1445051efe18501f410GuppY version 4.6.26 suffers from a cross site scripting vulnerability.
8b7dc8f59410bf9a18129eab1a1488495b75587d4c45e6e7a60c33368e3de149Microweber version 0.8 suffers from an arbitrary, unauthenticated file deletion vulnerability.
00e97b9578c6ea4b1d5201d508e35d8194cb39385bfa4167d6c6fece74f8402bFeng Office version 2.3.2-rc suffers from a cross site scripting vulnerability.
40b47e9967f44d583ce89da957cbbc397e193b6e477657fb9f14023e55e027edGnew version 2013.1 suffers from file inclusion and remote SQL injection vulnerabilities.
5199ad852acda0940d57030b7959f51f670c52fe7e8e02ec5f376e9a5ea53becGLPI version 0.84.1 suffers from improper access control bypass and PHP code injection vulnerabilities.
eff44306fe558c9ddee7deaada237abd8335437f7528971070868f8ecce632f6X2CRM version 3.4.1 suffers from cross site scripting and local file inclusion vulnerabilities.
6a4cc66b913f10cf3f46ac6679902a3741e65db273a494ff6f23cbe4728b3b17vtiger CRM version 5.4.0 suffers from a remote SQL injection vulnerability.
6f1a57864ebc9db55967154960396a0a758db0008927420ffac97caba1e1093cThis whitepaper discusses the ImmuniWeb Self-Fuzzer Firefox Extension. It is designed to detect cross site scripting and SQL injection vulnerabilities in web applications.
6f6965c6ee77da56e8c4cd79550ce7ac4fc004582bbbf1c3acceb2d70e88bad8WikkaWiki version 1.3.4 suffers from a cross site scripting vulnerability.
50a6264f9e82181f520977a4087cbbcda7d57a7f7edc82ecae17437d9e5bd3bc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed