Author: High-Tech Bridge Security Research Lab

Country: ch

Reported research: 347

Advisories

Risk	Topic & Details
Med.	Atutor 2.2.1 Path Traversal Remote \| 2016-08-04
Med.	GLPI 0.90.2 SQL Injection Remote \| 2016-04-30
Low	phpMyFAQ 2.8.26 / 2.9.0-RC2 Cross Site Request Forgery Remote \| 2016-04-22
Med.	Webligo SocialEngine 4.8.9 SQL Injection Remote \| 2016-04-06
Med.	CubeCart 6.0.10 CSRF / XSS / SQL Injection Remote \| 2016-03-31
Med.	WebsiteBaker CMS 2.8.3-SP5 SQL Injection Remote \| 2016-03-20
Low	iTop 2.2.1 Cross Site Request Forgery Remote \| 2016-03-20
Low	Dating Pro Genie 2015.7 Cross Site Request Forgery Remote \| 2016-03-20
Med.	WeBid 1.1.2P2 SQL Injection Remote \| 2016-02-19
Med.	webSPELL 4.2.4 Cross Site Request Forgery / SQL Injection Remote \| 2016-02-19
High	DOKEOS ce30 Authentication Bypass Remote \| 2016-02-19
High	osCmax 2.5.4 Code Execution / CSRF / Local File Inclusion Remote \| 2016-02-19
Med.	Osclass 3.5.9 SQL Injection Remote \| 2016-02-19
Med.	osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery Remote \| 2016-02-19
Med.	TestLink 1.9.14 SQL Injection Remote \| 2016-02-19
High	Exponent 2.3.7 PHP Code Execution (CVE assigned) Remote \| 2016-02-12
Med.	Bitrix mcart.xls 6.5.2 SQL Injection (CVE assigned) Remote \| 2016-01-15
Med.	Roundcube 1.1.3 Path Traversal (CVE assigned) Remote \| 2016-01-15
Med.	Zen Cart 1.5.4 Local File Inclusion (CVE assigned) Remote \| 2015-12-18
Med.	orion.extfeedbackform Bitrix Module 2.1.2 CSRF / SQL Injection (CVE assigned) Remote \| 2015-12-18
Med.	bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion (CVE assigned) Remote \| 2015-12-11
Med.	bitrix.scan Bitrix 1.0.3 Path Traversal (CVE assigned) Remote \| 2015-12-11
High	WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion (CVE assigned) Remote \| 2015-12-03
Low	WordPress Role Scoper 1.3.66 Cross Site Scripting (CVE assigned) Remote \| 2015-12-03
Low	WordPress Calls To Action 2.4.3 Cross Site Scripting (CVE assigned) Remote \| 2015-12-03
Low	WordPress Ultimate Member 1.3.28 Cross Site Scripting (CVE assigned) Remote \| 2015-12-03
Low	Horde Groupware 5.2.10 Cross Site Request Forgery (CVE assigned) Remote \| 2015-11-19
Low	Oxwall 1.7.4 Cross Site Request Forgery (CVE assigned) Remote \| 2015-10-30
Low	SourceBans 1.4.11 Cross Site Scripting Remote \| 2015-10-06
Low	iTop 2.1.0-2127 Cross Site Scripting (CVE assigned) Remote \| 2015-09-24

Author: High-Tech Bridge Security Research Lab

Country: ch

Reported research: 347

Advisories

Med.

Remote | 2016-08-04

Med.

Remote | 2016-04-30

Low

Remote | 2016-04-22

Med.

Remote | 2016-04-06

Med.

Remote | 2016-03-31

Med.

Remote | 2016-03-20

Low

Remote | 2016-03-20

Low

Remote | 2016-03-20

Med.

Remote | 2016-02-19

Med.

Remote | 2016-02-19

High

Remote | 2016-02-19

High

Remote | 2016-02-19

Med.

Remote | 2016-02-19

Med.

Remote | 2016-02-19

Med.

Remote | 2016-02-19

High

Exponent 2.3.7 PHP Code Execution (CVE assigned)

Remote | 2016-02-12

Med.

Bitrix mcart.xls 6.5.2 SQL Injection (CVE assigned)

Remote | 2016-01-15

Med.

Roundcube 1.1.3 Path Traversal (CVE assigned)

Remote | 2016-01-15

Med.

Zen Cart 1.5.4 Local File Inclusion (CVE assigned)

Remote | 2015-12-18

Med.

orion.extfeedbackform Bitrix Module 2.1.2 CSRF / SQL Injection (CVE assigned)

Remote | 2015-12-18

Med.

bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion (CVE assigned)

Remote | 2015-12-11

Med.

bitrix.scan Bitrix 1.0.3 Path Traversal (CVE assigned)

Remote | 2015-12-11

High

WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion (CVE assigned)

Remote | 2015-12-03

Low

WordPress Role Scoper 1.3.66 Cross Site Scripting (CVE assigned)

Remote | 2015-12-03

Low

WordPress Calls To Action 2.4.3 Cross Site Scripting (CVE assigned)

Remote | 2015-12-03

Low

WordPress Ultimate Member 1.3.28 Cross Site Scripting (CVE assigned)

Remote | 2015-12-03

Low

Horde Groupware 5.2.10 Cross Site Request Forgery (CVE assigned)

Remote | 2015-11-19

Low

Oxwall 1.7.4 Cross Site Request Forgery (CVE assigned)

Remote | 2015-10-30

Low

Remote | 2015-10-06

Low

iTop 2.1.0-2127 Cross Site Scripting (CVE assigned)

Remote | 2015-09-24