CVE-2014-3773

🗓️ 07 Aug 2014 10:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 43 Views🌐 WEB

CVE-2014-3773 Multiple SQL injection vulnerabilities in TeamPass before 2.1.20

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2014-3773	7 Aug 201410:00	–	cvelist
EUVD	EUVD-2014-3712	7 Oct 202500:30	–	euvd
NVD	CVE-2014-3773	7 Aug 201411:13	–	nvd
OpenVAS	TeamPass < 2.1.20 Multiple Vulnerabilities	16 Oct 201400:00	–	openvas
Prion	Sql injection	7 Aug 201411:13	–	prion

NVD

Node

teampass teampassRange≤2.1.20beta

Source	Link
teampass	www.teampass.net/installation/2.1.20-released.html
openwall	www.openwall.com/lists/oss-security/2014/05/19/5
github	www.github.com/nilsteampassnet/TeamPass/commit/7715512f2bd5659cc69e063a1c513c19e384340f
openwall	www.openwall.com/lists/oss-security/2014/05/18/2
github	www.github.com/nilsteampassnet/TeamPass/commit/8820c8934d9ba0508ac345e73ad0be29049ec6de

Parameter	Position	Path	Description	CWE
login	request body	sources/main.queries.php	SQL injection via login parameter in actions send_pw_by_email or generate_new_password	CWE-89
iDisplayStart	query param	datatable.logs.php	SQL injection via iDisplayStart parameter in datatable.logs.php	CWE-89
iDisplayStart	query param	source/datatable/	SQL injection via iDisplayStart parameter in a file under source/datatable/	CWE-89
iDisplayLength	query param	datatable.logs.php	SQL injection via iDisplayLength parameter in datatable.logs.php	CWE-89
iDisplayLength	query param	source/datatable/	SQL injection via iDisplayLength parameter in a file under source/datatable/	CWE-89
sSortDir_	query param	datatable.logs.php	SQL injection via sSortDir_ parameter in datatable.logs.php	CWE-89
sSortDir_	query param	source/datatable/	SQL injection via sSortDir_ parameter in a file under source/datatable/	CWE-89

06 May 2026 22:30Current

8.3High risk

Vulners AI Score8.3

CVSS 27.5

EPSS0.00432