2 matches found
CVE-2023-1713 Bitrix24 Remote Command Execution (RCE) via Insecure Temporary File Creation
Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file...
CVE-2023-1713
CVE-2023-1713 affects Bitrix24 22.0.300. The vulnerability is in insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php, which allows remote authenticated attackers to execute arbitrary code by uploading a crafted “.htaccess” file. The issue impacts web server execu...