CVE-2015-8357

bitrix.xscan < 1.0.3 - Authenticated Path Traversal via File Parameter


Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8357. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary: This advisory details a path traversal vulnerability (CVE-2015-8357) in the bitrix.xscan Bitrix module, allowing an attacker to rename arbitrary PHP files to expose their contents. The exploit requires authentication but can be leveraged via CSRF by unauthenticated users.

Description

Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.

Exploits (1)

exploitdb WRITEUP
by High-Tech Bridge SA · text · webapps · php
https://www.exploit-db.com/exploits/38976


Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: bitrix.xscan Bitrix module 1.0.3 and prior
Auth required
Prerequisites: Access to upload functionality · Knowledge of target file paths
Analyzed by devstral-2 on Feb 16, 2026

References (5)

Core References
Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq)
http://www.securityfocus.com/archive/1/537072/100/0/threaded
Exploit, Third Party Advisory (exploit, x_refsource_exploit-db)
https://www.exploit-db.com/exploits/38976/

Scores

EPSS 0.0877
EPSS Percentile 94.5%

Details

CWE
CWE-22
Status published
Products (1)
bitrix/xscan < 1.0.3
Published Dec 16, 2015
Tracked Since Feb 18, 2026