CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Bitrix: >> Xscan >> 1.0.3 Security Vulnerabilities

CVE-2015-8357

Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.

CVSS Score

6.5

EPSS Score

0.048

Published

2015-12-16

Page 1

Vulnerabilities

Vulnerable Software

Bitrix: >> Xscan >> 1.0.3 Security Vulnerabilities

Products

Pricing

Contact Us