
6 matches found

Cvelist | added 2026/05/08 12:0 a.m. | 31 views

CVE-2025-67887

1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privilege...

EPSS: 0.00049
Exploits: 4 | References: 5

BDU FSTEC | added 2025/07/18 12:0 a.m. | 1 view

Vulnerability in the main and fileman modules of the 1C-Bitrix: Website management system that allows an attacker to gain unauthorized access to protected information beyond the web directory

The vulnerability in the main and fileman modules of the 1C-Bitrix: Website management CMS is related to flaws in path name restrictions for directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information beyond the web directory...

CVSS: 6.8 | AI score: 5.5
Exploits: 0 | References: 1 | Affected Software: 3

BDU FSTEC | added 2025/07/18 12:0 a.m. | 1 view

Vulnerability in the iblock module of the 1C-Bitrix: Website management system that allows attackers to gain unauthorized access to protected information

The vulnerability in the iblock module of the 1C-Bitrix: Website management content management system (CMS) is associated with errors in processing the relative path to the catalog. Exploiting this vulnerability can allow unauthorized users to gain access to protected information...

CVSS: 6.8 | AI score: 5.5
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC | added 2025/06/20 12:0 a.m. | 2 views

The vulnerability of the “Import from Excel. Upload product catalog 1C-Bitrix” plugin, which stems from the failure to take measures to neutralize special elements, allows attackers to execute arbitrary commands.

The vulnerability of the plugin “Import from Excel. Uploading product catalogs for 1C-Bitrix” is related to the failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS: 9 | AI score: 5.9
Exploits: 0 | References: 1 | Affected Software: 1

BDU FSTEC | added 2024/10/28 12:0 a.m. | 1 view

The vulnerability of the 1C-Bitrix website content management system, related to insufficient protection of registration data, allows an attacker to gain access to authentication data from the Microsoft Exchange Server.

The vulnerability of the 1C-Bitrix website content management system is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to gain access to authentication data from the Microsoft Exchange Server...

CVSS: 6.8 | AI score: 5.5 | EPSS: 0.00056
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC | added 2016/07/05 12:0 a.m. | 3 views

Vulnerability in the 1C-Bitrix: Website management web project management system that allows a remote attacker to obtain a reset password for any user, as well as the user’s own password.

The vulnerability in the 1C-Bitrix: Website management web project management system is related to errors in the code of the mt_rand pseudo-random number generator. Exploiting this vulnerability allows an unauthorized attacker to obtain confirmation codes for resetting passwords of any user, as well as t...

CVSS: 10 | AI score: 5.6
Exploits: 0 | References: 2 | Affected Software: 1