CVE-2017-20122

A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input leads to basic cross site scripting. The attack can be launched...

Cross site scripting

A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input leads to basic cross site scripting. The attack can be launched...

CVE-2017-20122 Bitrix Site Manager Contact Form cross site scripting

A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input leads to basic cross site scripting. The attack can be launched...

CVE-2017-20122

CVE-2017-20122 affects Bitrix Site Manager 12.06.2015, specifically an unknown functionality in the Contact Form. The vulnerability arises from manipulating the text argument with the payload which leads to basic cross-site scripting. The attack can be launched remotely and the exploit has been ...

Bitrix Site Manager 跨站脚本漏洞

Bitrix Site Manager is a website management system from Bitrix USA. A security vulnerability exists in Bitrix Site Manager version 12.06.2015. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

PT-2022-7390

Name of the Vulnerable Software and Affected Versions Bitrix versions prior to 7.5.0 Description The issue is related to the unrestricted upload of dangerous file types in the "1C-Bitrix: Virtual Machine" VMBitrix virtual server. This can be exploited by a remote attacker to execute arbitrary cod...

CVE-2022-27228

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code...

CVE-2022-27228

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code...

CVE-2022-27228

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code...

Code injection

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code...

CVE-2022-27228

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code...

CVE-2022-27228

CVE-2022-27228 affects Bitrix Site Manager’s built-in vote (Polls, Votes) module prior to version 21.0.100. A remote unauthenticated attacker can execute arbitrary code on affected systems due to the module’s vulnerability, with CVSS overall high impact (C/H/I/A all high) reported in multiple sou...

EUVD-2022-31737

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code...

Bitrix Site Manager 输入验证错误漏洞

Bitrix Site Manager is a web site management system from Bitrix USA. A security vulnerability exists in Bitrix Site Manager prior to version 21.0.100. An unauthenticated attacker could remotely execute arbitrary code...

Vulnerability of the “vote” module in the content management system (CMS) of 1C-Bitrix: Website management related to the ability to send specially crafted network packets, allowing attackers to upload arbitrary files into the vulnerable system.

Vulnerability of the “vote” module in the content management system CMS of 1C-Bitrix: Website management involves the ability to send specially crafted network packets. Exploiting this vulnerability can allow a malicious actor to upload arbitrary files into the vulnerable system...

PT-2022-1778

Name of the Vulnerable Software and Affected Versions Bitrix Site Manager versions prior to 21.0.100 Bitrix Site Manager versions 22.0.0 through 22.0.400 Bitrix Site Manager module Landing versions prior to 23.800.0 Description The 'vote' also known as "Polls, Votes" module in Bitrix Site Manager...

CVE-2020-28206

The CVE-2020-28206 entry describes a vulnerability in Bitrix24 Bitrix Framework (1c site management) version 20.0 where a flaw in the admin login form allows user enumeration of administrator-group accounts and enables brute-force attempts on passwords for users not in the administrator group. Th...

Bitrix Framework Security Vulnerability

Bitrix24 is a suite of enterprise social platforms from Bitrix USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management. A security vulnerability exists in the Bitrix24 Bitrix Framework, which stems from an "improper restrictio...

1C-Bitrix Site Management Russia 2.0 Open Redirection

Exploit Title : 1C-Bitrix Site Management Russia 2.0 Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/03/2019 Vendor Homepages : 1c-bitrix.ru bitrix24.com Software Information Link : 1c-bitrix.ru/support/...

street-beat.ru XSS vulnerability

Open Bug Bounty ID: OBB-707041 Description| Value ---|--- Affected Website:| street-beat.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Bitrix Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...