High severity8.6NVD Advisory· Published Sep 18, 2020· Updated Jun 17, 2026
CVE-2020-15958
CVE-2020-15958
Description
An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- 1CRM System/1CRM Systemdescription
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/159193/1CRM-8.6.7-Insecure-Direct-Object-Reference.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2020/Sep/31nvdExploitMailing ListThird Party Advisory
- aramido.de/blog/sicherheitshinweise/sicherheitswarnung-1crm-schutzt-daten-unzureichend-cve-2020-15958nvdThird Party Advisory
- 1crm.com/documentation/nvdProduct
News mentions
0No linked articles in our index yet.