Lucene search
K

6 matches found

NVD
NVD
added 2015/12/16 9:59 p.m.28 views

CVE-2015-8357

Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. dot dot in the file parameter to admin/bitrix.xscanworker.php...

6.5CVSS6.4AI score0.08357EPSS
Exploits5References5
Cvelist
Cvelist
added 2015/12/16 9:0 p.m.32 views

CVE-2015-8357

Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. dot dot in the file parameter to admin/bitrix.xscanworker.php...

6.4AI score0.08357EPSS
Exploits5References5
CVE
CVE
added 2015/12/16 9:0 p.m.54 views

CVE-2015-8357

CVE-2015-8357 affects the Bitrix bitrix.xscan module prior to v1.0.4. A path traversal in the file parameter fed to /bitrix/admin/bitrix.xscan_worker.php allows an authenticated remote user to rename arbitrary files and disclose contents (via ../ path tricks). The vulnerability is triggered by un...

6.5CVSS6.6AI score0.08357EPSS
Exploits5References5Affected Software1
exploitpack
exploitpack
added 2015/12/14 12:0 a.m.107 views

Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal

Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal Advisory ID: HTB23278 Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18,...

6.5CVSS0.1AI score0.08357EPSS
Exploits5
0day.today
0day.today
added 2015/12/11 12:0 a.m.90 views

bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability

bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability. Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: Novemb...

6.5CVSS0.5AI score0.08357EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/12/11 12:0 a.m.94 views

bitrix.scan Bitrix 1.0.3 Path Traversal

Advisory ID: HTB23278 Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 24, 2015 Public Disclosure:...

6.5CVSS0.1AI score0.08357EPSS
Exploits5
Rows per page
Query Builder