Vulnerabilities (CVE)

Filtered by vendor Bitrix Subscribe
Filtered by product Xscan
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8357 1 Bitrix 1 Xscan 2024-11-21 6.5 MEDIUM N/A
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.