6 matches found
CVE-2015-8357
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. dot dot in the file parameter to admin/bitrix.xscanworker.php...
CVE-2015-8357
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. dot dot in the file parameter to admin/bitrix.xscanworker.php...
CVE-2015-8357
CVE-2015-8357 affects the Bitrix bitrix.xscan module prior to v1.0.4. A path traversal in the file parameter fed to /bitrix/admin/bitrix.xscan_worker.php allows an authenticated remote user to rename arbitrary files and disclose contents (via ../ path tricks). The vulnerability is triggered by un...
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal Advisory ID: HTB23278 Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18,...
bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability
bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability. Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: Novemb...
bitrix.scan Bitrix 1.0.3 Path Traversal
Advisory ID: HTB23278 Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 24, 2015 Public Disclosure:...