bitrix-渗透云记 - 专注于网络安全与技术分享

CVE-2023-1719: Bitrix Component – Cross-Site Scripting

漏洞标题 CVE-2023-1719: Bitrix Component - Cross-Site Scripting 漏洞描述 Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated rem...

云记2023年9月17日 10:16

CVE-2022-27228: Bitrix Site Manager – Remote Code Execution

漏洞标题 CVE-2022-27228: Bitrix Site Manager - Remote Code Execution 漏洞描述 In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote una...

付费阅读100 漏洞库

云记2022年11月1日 17:09

CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting

漏洞标题 CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting 漏洞描述 The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the items[ITEMS][ID...

付费阅读100 漏洞库

云记2020年10月5日 04:21

CVE-2023-1719: Bitrix Component – Cross-Site Scripting

漏洞标题 CVE-2023-1719: Bitrix Component - Cross-Site Scripting 漏洞描述 Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated rem...

付费阅读100 漏洞库

云记2023年4月1日 12:19

CVE-2022-27228: Bitrix Site Manager – Remote Code Execution

漏洞标题 CVE-2022-27228: Bitrix Site Manager - Remote Code Execution 漏洞描述 In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote una...

付费阅读100 漏洞库

云记2022年8月12日 21:28

CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting

漏洞标题 CVE-2020-13483: Bitrix24 <=20.0.0 - Cross-Site Scripting 漏洞描述 The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the items[ITEMS][ID...

付费阅读100 漏洞库

云记2020年1月24日 04:07