CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

1crm: Security Vulnerabilities

CVE-2020-15958

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL.

CVSS Score

8.6

EPSS Score

0.009

Published

2020-09-18

CVE-2019-14221

1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation.

CVSS Score

5.4

EPSS Score

0.002

Published

2019-08-08

Page 1

Vulnerabilities

Vulnerable Software

1crm: Security Vulnerabilities

Products

Pricing

Contact Us