Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
teampass teampass vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2017-15055
TeamPass prior to 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the...
Teampass Teampass
312
VMScore
CVE-2017-15278
Cross-Site Scripting (XSS) exists in TeamPass prior to 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Teampass Teampass
685
VMScore
CVE-2015-7563
Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and previous versions allows remote malicious users to hijack the authentication of an authenticated user.
Teampass Teampass
1 EDB exploit
NA
CVE-2023-3083
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass before 3.0.9.
Teampass Teampass
NA
CVE-2023-3084
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass before 3.0.9.
Teampass Teampass
NA
CVE-2023-3086
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass before 3.0.9.
Teampass Teampass
NA
CVE-2023-3095
Improper Access Control in GitHub repository nilsteampassnet/teampass before 3.0.9.
Teampass Teampass
312
VMScore
CVE-2017-15051
Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass prior to 2.1.27.9 allow authenticated remote malicious users to inject arbitrary web script or HTML via the (1) URL value of an item or (2) user log history. To exploit the vulnerability, the attacker must be ...
Teampass Teampass
356
VMScore
CVE-2017-15052
TeamPass prior to 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to delete an arbitrary user (including admin), or modify attributes of any arbitrary user except administrator. To exploit the vul...
Teampass Teampass
578
VMScore
CVE-2017-15054
An arbitrary file upload vulnerability, present in TeamPass prior to 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to u...
Teampass Teampass
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »