Bitrix - Xscan CVE - CVE Search - CVE Details

Filtered by vendor Bitrix Subscribe

Filtered by product Xscan

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-8357	1 Bitrix	1 Xscan	2018-10-09	6.5 MEDIUM	N/A
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.

Vulnerabilities (CVE)