1с-битрикс
This hub aggregates every CVE we track for 1с-битрикс, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
Web & CMS Pluginson-prem
3
CVEs tracked
1
Critical
0
High
0
In CISA KEV
Severity distribution
LOW1MEDIUM1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting 1с-битрикс.
- BDU:2024-01501Уязвимость компонента bitrixsetup.php системы управления веб-проектами 1С-Битрикс, позволяющая нарушителю получить несанкционированный доступ на чтение файлов в операционной системе3.3
- CVE-2015-8358Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element...9.0
- CVE-2015-8357Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or ca...6.5
Product normalization is registry-driven with AI assist and human review. How it works