Real Name | High-Tech Bridge SA |
---|---|
Email address | advisory at htbridge.com |
Website | www.htbridge.com |
First Active | 2010-04-20 |
Last Active | 2016-08-03 |
WordPress BackWPup plugin version 3.0.12 suffers from a cross site scripting vulnerability.
93f2cc11ee32807aa3422651bd1c3ccb2a3199c24e770cd4a9e9178bd7644656
Twilight CMS version 5.17 suffers from a cross site scripting vulnerability.
2f7d721140bbe96c25bb6cd4aa254c1ddcfbada6b9d1226adca568d2d97cf75d
DeWeS web server version 0.4.2 suffers from a path traversal vulnerability.
4afc73f6c6a59ae86bda8007462935bdef406857a24bfcf735e6a96cd7d35629
BigTree CMS version 4.0 RC2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
9da95b8db9bd5d7ab61e1c4e5943ab6b7fb602a7159e15bbacf88d7869e408c4
Cotonti version 0.9.13 suffers from a remote SQL injection vulnerability.
11be7d74fb10c4a12d82d19fd7f3bcbd3a83704586090f72442d1059fabc4e6f
Jahia xCM version 6.6.1.0 r43343 suffers from multiple cross site scripting vulnerabilities.
c5ef8030d861fa130fe564ae69779015f7e7b77b93b60e3fb55f9365cda7843a
WordPress Duplicator plugin version 0.4.4 suffers from a cross site scripting vulnerability.
c11bcdd0311e215255171e238d9b2a4a5c5cbb4a495aa33f118f1d414bc6792b
Magnolia CMS versions 5.0.1, 5.0, 4.5.9, 4.5.8, and 4.5.7 suffer from a cross site scripting vulnerability.
e1a57d6ef2d1f9af10faf583024ebba7968cc1b930a63061237944f7b16d7b8c
OpenCMS version 8.5.1 suffers from a cross site scripting vulnerability.
38b297dd1ab04c81707528c624dcbe14c157ef5ed3c0efec359d9e679dce13fb
Kasseler CMS version 2 r1223 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
12b1c13062d11a8309a56e262bd4c347eba49d379b6c1cbf8c2226e042152117
OpenX version 2.8.10 suffers from cross site scripting and local file inclusion vulnerabilities.
d08e9e5a6bd82b06d1b3ad7f393924720a46ca189b23c473f598bd45b9eeed98
Xaraya version 2.4.0-b1 suffers from multiple cross site scripting vulnerabilities.
ed1a6f3ff2988a17b6db15e8220f076ffe9b16698f9b2452201a32c958af6c74
Dolphin version 7.1.2 suffers from cross site request forgery and remote SQL injection vulnerabilities.
0cf057a272b2c86b15e073f837b8429da87c6ccef86e5c34f36b8068c5b35a0c
This paper is an introduction to the world of fuzzing by exploring the Sulley Fuzzing Framework.
9482ad49dcf1e85c63ff69f49d2c96af0e9d27589c49349ac1b0a36cd553b59f
Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities.
c66432c06b6aeb8a14da0a5432997dffbde3bde7c22f8d34fad4191d2231131f
UMI.CMS version 2.9 suffers from a cross site request forgery vulnerability. Fixed in version 2.9 build 21905.
1b0e4d26dfa1a21c5dc4f029c8a2dc7ada712c3e42ede3f39bd6f72be600733b
b2evolution version 4.1.6 suffers from remote SQL injection and cross site request forgery vulnerabilities.
a5ab5b7104a53bbb94e8b06e61c86f560a088dd4b5a5a927911191693b7c5615
GetSimple CMS version 3.1.2 suffers from multiple cross site scripting vulnerabilities.
ac100bee72f2103369d32785e864dc632666525874db17dd602e3c7f2062edd2
KrisonAV CMS version 3.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
67fef60fe75255a54bdaa421e598033b564c3cd7f9a2ddc60ad14b24dcb74af4
In November, 2012, High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Novell GroupWise 2012. Details of the vulnerabilities were disclosed in April, 2013. This paper demonstrates vulnerability exploitation to execute arbitrary code on the vulnerable system.
247383f376ee16946d9314eb4cb430f00045438e994129e80eb43797b132b877
Symphony version 2.3.1 suffers from a remote SQL injection vulnerability.
7e746f6f0becdb1c3bf1082b0fc80a06a0763df2b35b291a8f3a205d747948ae
Novell GroupWise version 12.0.0.8586 suffers form an untrusted pointer dereference vulnerability.
47e0f623fea3a5ed097e984178caf98801bcbed84209598283926cafe7ba2d6e
FUDforum version 3.0.4 suffers from an arbitrary code execution vulnerability.
36279cc79b9bb26cd0dfb7956cb4f1df702478b62a9a137f7cb48f7ac0e3c190
AWS XMS version 2.5 suffers from a path traversal vulnerability.
e8265b5ddbb691c7801baa5e82a4c792f1e07efb41722fd028d1429b5c701edf
McAfee Virtual Technician (MVT) 6.5.0.2101 suffers from an exposed unsafe active-x method.
55fc445bc2332b108a292b07dc1275003a836cf017d276122b75dab94844b2a7