exploitDog

CVE-2020-19363

Опубликовано: 20 янв. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories.

Ссылки

https://emreovunc.com/blog/en/vtiger_crm_directorylisting_01.png
Third Party Advisory
https://emreovunc.com/blog/en/vtiger_crm_directorylisting_02.png
Third Party Advisory
https://github.com/EmreOvunc/Vtiger-CRM-Vulnerabilities/
Exploit
Third Party Advisory
https://emreovunc.com/blog/en/vtiger_crm_directorylisting_01.png
Third Party Advisory
https://emreovunc.com/blog/en/vtiger_crm_directorylisting_02.png
Third Party Advisory
https://github.com/EmreOvunc/Vtiger-CRM-Vulnerabilities/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vtiger:vtiger_crm:7.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.0561

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-pqwj-3wvm-qp88

github

больше 3 лет назад

Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories.

EPSS

Процентиль: 90%

0.0561

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200