TeamPass prior to 2.1.20 allows remote malicious users to bypass access restrictions via the language file path in a (1) request to index.php or (2) "change_user_language" request to sources/main.queries.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
teampass teampass 2.1.19 |
||
teampass teampass 2.1.2 |
||
teampass teampass 2.1.5 |
||
teampass teampass 2.1.14 |
||
teampass teampass 2.1.10 |
||
teampass teampass 2.1.13 |
||
teampass teampass 2.1.15 |
||
teampass teampass 2.1.3 |
||
teampass teampass 2.1 |
||
teampass teampass 2.1.1 |
||
teampass teampass |
||
teampass teampass 2.1.18 |
||
teampass teampass 2.1.4 |
Vulmon