
179 matches found

Nuclei
added yesterday | 3 views

Bitrix Site Management 2.x - Open Redirect

Bitrix Site Management 2.x contains an open redirect vulnerability allowing attackers to redirect users to arbitrary external sites via crafted redirect parameters. id: CVE-2008-2052 info: name: Bitrix Site Management 2.x - Open Redirect author: pikpikcu,gtrrnr,liangtovi-debug severity: medium...

CVSS 6.1 | AI score 6.5 | EPSS 0.01021
Exploits: 0 | References: 3

Nuclei
added yesterday | 137 views

Bitrix24 <=20.0.0 - Cross-Site Scripting

The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the itemsITEMSID parameter to the components/bitrix/mobileapp.list/ajax.php/ URI. id: CVE-2020-13483 info: name: Bitrix24 20.0.0 to mitigate this vulnerability. reference: -...

CVSS 6.1 | AI score 6.3 | EPSS 0.26042
Exploits: 1 | References: 5

Nuclei
added 3 days ago | 27 views

Bitrix Site Manager - Remote Code Execution

In the vote aka "Polls, Votes" module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code. id: CVE-2022-27228 info: name: Bitrix Site Manager - Remote Code Execution author: theamanrawat severity: critical description: In the vote aka "Polls, Votes...

CVSS 10 | AI score 7.5 | EPSS 0.92388
Exploits: 1 | References: 3

NVD
added 2026/05/08 7:16 a.m. | 4 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

CVSS 9.8 | EPSS 0.00045
Exploits: 4 | References: 6

CNNVD
added 2026/05/08 12:00 a.m. | 5 views

1C-Bitrix Security Vulnerability

1C-Bitrix is a website platform system developed by the Russian company 1C-Bitrix. It integrates content management, e-commerce, and enterprise portal functions. Versions of 1C-Bitrix 25.100.500 and earlier contained security vulnerabilities. These vulnerabilities stemmed from users with the RIGH...

CVSS 9.8 | AI score 6.2 | EPSS 0.00045
Exploits: 4 | References: 1

EUVD
added 2026/05/08 12:00 a.m. | 3 views

EUVD-2025-209735

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

AI score 6 | EPSS 0.00045
Exploits: 4 | References: 5

Cvelist
added 2026/05/08 12:00 a.m. | 27 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

EPSS 0.00045
Exploits: 4 | References: 5

Vulnrichment
added 2026/05/08 12:00 a.m. | 3 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

AI score 6 | EPSS 0.00045
Exploits: 4 | References: 5

ATTACKERKB
added 2026/05/08 12:00 a.m. | 6 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

AI score 6 | EPSS 0.00045
Exploits: 4 | References: 6

GithubExploit
added 2026/02/10 11:37 a.m. | 155 views

creepytrix

🔒 CREEPYTRIX - Bitrix Pentest Tool v1.1 ...

AI score 6.5
Exploits: 0

RedhatCVE
added 2026/01/09 9:36 a.m. | 8 views

CVE-2024-34887

Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server via HTTP POST request...

CVSS 6.8 | AI score 7.2 | EPSS 0.00146
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:35 a.m. | 5 views

CVE-2024-34883

Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-server accounts passwords via HTTP GET request...

CVSS 6.8 | AI score 7 | EPSS 0.0014
Exploits: 0 | References: 1

GithubExploit
added 2025/12/18 1:07 p.m. | 223 views

Exploit for CVE-2025-67887

🛡️ Fix for the "vulnerability" CVE-2025-67887/86 in the module Tra...

AI score 7.4 | EPSS 0.00045
Exploits: 6

GithubExploit
added 2025/12/18 9:00 a.m. | 161 views

Exploit for CVE-2025-67887

CVE-2025-67887 1C...

AI score 7.5 | EPSS 0.00045
Exploits: 4

Positive Technologies
added 2025/12/18 12:00 a.m. | 14 views

PT-2025-52212

Name of the Vulnerable Software and Affected Versions Bitrix24 versions prior to 25.100.301 Description Remote Code Execution is possible because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. The supplier...

CVSS 6.3 | AI score 6 | EPSS 0.00036
Exploits: 3 | References: 12

Packet Storm
added 2025/12/18 12:00 a.m. | 427 views

📄 C‑Bitrix 25.100.500 Translate Module Arbitrary File Upload

C‑Bitrix version 25.100.500 proof of concept exploit that demonstrates an arbitrary file upload vulnerability in the translate module...

AI score 7.2 | EPSS 0.00045
Exploits: 4

Positive Technologies
added 2025/12/18 12:00 a.m. | 9 views

PT-2025-52213

Name of the Vulnerable Software and Affected Versions 1C-Bitrix versions prior to 25.100.501 Description The software contains a remote code execution issue within the Translate Module. The application does not properly validate the contents of archive files before unpacking them, allowing...

AI score 8.2 | EPSS 0.00045
Exploits: 4 | References: 14

Packet Storm
added 2025/12/16 12:00 a.m. | 606 views

📄 1C-Bitrix 25.100.500 Remote Code Execution

1C-Bitrix versions 25.100.500 and below have a vulnerability that is located within the Translate Module, which allows users to upload and extract archive files into a temporary directory. However, the application fails to properly verify the contents of these archives before extracting them. Thi...

AI score 7.7 | EPSS 0.00045
Exploits: 4

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2006-2479

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.0072
Exploits: 1 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2006-2477

Malware in sbrugna...

CVSS 4.9 | AI score 6.4 | EPSS 0.00439
Exploits: 1 | References: 7