CVE-2020-19363
MEDIUM EXPLOITED NUCLEIVtiger Crm - Information Disclosure
Title source: ruleDescription
Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories.
Nuclei Templates (1)
Vtiger CRM v7.2.0 - Directory Listing
MEDIUMVERIFIEDby 0x_Akoko
Shodan:
http.html:"vtiger CRM"
FOFA:
body="vtiger CRM"
References (3)
Scores
CVSS v3
6.5
EPSS
0.0561
EPSS Percentile
90.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Details
VulnCheck KEV
2026-02-11
CWE
CWE-200
Status
published
Products (1)
vtiger/vtiger_crm
7.2.0
Published
Jan 20, 2021
Tracked Since
Feb 18, 2026