Showing 1 - 25 of 578

Files from High-Tech Bridge SA

Real Name	High-Tech Bridge SA
Email address	advisory at htbridge.com
Website	www.htbridge.com
First Active	2010-04-20
Last Active	2016-08-03

View User Profile

Personal Background

High-Tech Bridge SA (htbridge.com) provides businesses and organizations with world-class information security services. High-Tech Bridge Security Research Lab (unit of High-Tech Bridge's R&D Department) regularly releases HTB Advisories that are aimed to to help various software vendors to improve security of their products. High-Tech Bridge's auditors also try to share their knowledge with the industry by publishing White Papers on information security and ethical hacking topics.

Atutor 2.2.1 Path Traversal: Posted Aug 3, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; Atutor version 2.2.1 suffers from a path traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 7d2dc31a94a36d60ffffd314cd5eefeb8657f7e9d1c878147cc716b00e4d2e23; Download | Favorite | View

GLPI 0.90.2 SQL Injection: Posted Apr 29, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; GLPI version 0.90.2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 0a52a7fa8c4afcded04b0fa0b0ab812aee4b472f7d4fb50e3c3e6e43d1e28060; Download | Favorite | View

phpMyFAQ 2.8.26 / 2.9.0-RC2 Cross Site Request Forgery: Posted Apr 20, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; phpMyFAQ versions 2.8.26 and 2.9.0-RC2 suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | b4b19a666863c0731be2d532693b5b2ccf810e9441b2e6245193a4737cfe146a; Download | Favorite | View

Webligo SocialEngine 4.8.9 SQL Injection: Posted Apr 6, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; Webligo SocialEngine version 4.8.9 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 23d7b324c1f00d120d482272b68f715bc252d57f6a4a0e8541edcafd5c706d24; Download | Favorite | View

CubeCart 6.0.10 CSRF / XSS / SQL Injection: Posted Mar 30, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; CubeCart version 6.0.10 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, csrf; SHA-256 | 3dca54cdd3a351d32b94d67ca282145aea98405b953947e783751533ae0c5b89; Download | Favorite | View

WebsiteBaker CMS 2.8.3-SP5 SQL Injection: Posted Mar 19, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; WebsiteBaker CMS version 2.8.3-SP5 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | d8c88cbdb9744e1a26af7b80ce4fe6fe1b5c53888b9441fc5f1c76364d300b27; Download | Favorite | View

Dating Pro Genie 2015.7 Cross Site Request Forgery: Posted Mar 19, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; High-Tech Bridge Security Research Lab discovered multiple cross site request forgery (CSRF) vulnerabilities in a popular dating social network Dating Pro. A remote unauthenticated attacker can perform CSRF attacks to change administrator's credentials and execute arbitrary system commands. Successful exploitation of the vulnerability may allow attacker to gain complete control over the vulnerable website, all its users and databases. suffers from a cross site request forgery vulnerability.; tags | exploit, remote, arbitrary, vulnerability, csrf; SHA-256 | 9b0685fd87ae9a98fe16f9d776280dfa8f697c3ea2872fce79f19f41bb912245; Download | Favorite | View

iTop 2.2.1 Cross Site Request Forgery: Posted Mar 19, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; High-Tech Bridge Security Research Lab discovered a remote code execution vulnerability in iTop that is exploitable via cross site request forgery flaw that is also present in the application. The vulnerability exists due to absence of validation of HTTP request origin in "/env-production/itop-config/config.php" script, as well as lack of user-input sanitization received via "new_config" HTTP POST parameter.; tags | exploit, remote, web, php, code execution, csrf; SHA-256 | 2a57050bf2377c2df7b28c31e707efa2cf5ea74cb641059629604c7bdc0bd715; Download | Favorite | View

WeBid 1.1.2P2 SQL Injection: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; WeBid version 1.1.2P2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 4c445d18ff897468b32229c61b93169d17ee6ba88ec405da9f786b7a7906b6fd; Download | Favorite | View

webSPELL 4.2.4 Cross Site Request Forgery / SQL Injection: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; webSPELL version 4.2.4 suffers from cross site request forgery and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection, csrf; SHA-256 | 2291468cde58eae41054890b9e25d4217654ae9d0f8b7b9e749e1192bdcd7e44; Download | Favorite | View

DOKEOS ce30 Authentication Bypass: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; DOKEOS version ce30 suffers from an authentication bypass vulnerability.; tags | exploit, bypass; SHA-256 | e0d80f4d11e0f37a08bd45c5adf3616f68bc949b8f350966e67ed9a9b99c6a86; Download | Favorite | View

TestLink 1.9.14 SQL Injection: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; TestLink version 1.9.14 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 91d1c80956419cb3834dcfcd444983fe9cb7d79deae450a0f99e91da4a1bf961; Download | Favorite | View

Osclass 3.5.9 SQL Injection: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; Osclass version 3.5.9 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 1873a8e1196208b1b465380f46ad84e72520251b671aaa4c7dd577b9cff925a1; Download | Favorite | View

osCmax 2.5.4 Code Execution / CSRF / Local File Inclusion: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; osCmax version 2.5.4 suffers from code execution, cross site request forgery, and local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, code execution, file inclusion, csrf; SHA-256 | 4ad8190811bf2819eca13b86515ec3b6f35acf38818dc02e5c40e799d449f463; Download | Favorite | View

osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery: Posted Feb 18, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; osCommerce version 2.3.4 suffers from cross site request forgery and local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, file inclusion, csrf; SHA-256 | 0590c4c85647c5c0a02e877aee9bff53f2ee293542d8d20f50cdb9048d52be0f; Download | Favorite | View

Exponent 2.3.7 PHP Code Execution: Posted Feb 11, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; Exponent version 2.3.7 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2016-2242; SHA-256 | c860521e13cb68a7d5e2065b83c714419c3402786742f17f19e96a31700e22cc; Download | Favorite | View

Roundcube 1.1.3 Path Traversal: Posted Jan 15, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; Roundcube version 1.1.3 suffers from a path traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2015-8770; SHA-256 | 6551689ab0f8ab20c15662733c86a38c232df6050526b42e48f077a5a32b41e9; Download | Favorite | View

Bitrix mcart.xls 6.5.2 SQL Injection: Posted Jan 14, 2016; Authored by High-Tech Bridge SA | Site htbridge.com; Bitrix mcart.xls module versions 6.5.2 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2015-8356; SHA-256 | 8efe216bb027ca8ee0be2bd4f6ef7d3c48d026ab18f0d7d086a6662a3f8f1bdf; Download | Favorite | View

Zen Cart 1.5.4 Local File Inclusion: Posted Dec 17, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; Zen Cart version 1.5.4 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; advisories | CVE-2015-8352; SHA-256 | 90d80bdc3f4d66ab1dcd931c5b4166fa1f6e20341a15274d3e8539e3d3478f36; Download | Favorite | View

orion.extfeedbackform Bitrix Module 2.1.2 CSRF / SQL Injection: Posted Dec 17, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; orion.extfeedbackform Bitrix module version 2.1.2 suffers from cross site request forgery and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection, csrf; advisories | CVE-2015-8355; SHA-256 | eec9e7b4e30ebc71c095aa906c94d9c357af287f4a471dcf8ae2f104b0c822cd; Download | Favorite | View

bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion: Posted Dec 11, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; bitrix.mpbuilder Bitrix module version 1.0.10 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; advisories | CVE-2015-8358; SHA-256 | d688c669bf51931323bfe010133ed5178c3bc69c4822fcbcef048fa6af5234b7; Download | Favorite | View

bitrix.scan Bitrix 1.0.3 Path Traversal: Posted Dec 11, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2015-8357; SHA-256 | 2597e943c082033362d873c1d67295bf6b0ccf2722b1674c326fb2f013ae86ce; Download | Favorite | View

WordPress Ultimate Member 1.3.28 Cross Site Scripting: Posted Dec 2, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; WordPress Ultimate Member plugin version 1.3.28 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-8354; SHA-256 | c9ca3677fefabf989d98e6f46a693b4109c606008e37ba14df6bb66e353e939a; Download | Favorite | View

WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion: Posted Dec 2, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; WordPress Gwolle Guestbook plugin version 1.5.3 suffers from a remote file inclusion vulnerability.; tags | exploit, remote, code execution, file inclusion; advisories | CVE-2015-8351; SHA-256 | 3c508424a14bf87d47e47bf3940ce3c2b33f80a60247374cd2b38c3dc9e2cd63; Download | Favorite | View

WordPress Calls To Action 2.4.3 Cross Site Scripting: Posted Dec 2, 2015; Authored by High-Tech Bridge SA | Site htbridge.com; WordPress Calls to Action plugin version 2.4.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2015-8350; SHA-256 | 458830b56600d9f6b97ed18aa8b64a58c79fa0079b1d611d70b3c7fd209bdca2; Download | Favorite | View

Page 1 of 24 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Files from High-Tech Bridge SA

Personal Background

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems