{"id": "EDB-ID:37087", "type": "exploitdb", "bulletinFamily": "exploit", "title": "TeamPass 2.1.5 'login' Field HTML Injection Vulnerability", "description": "TeamPass 2.1.5 'login' Field HTML Injection Vulnerability. CVE-2012-2234. Webapps exploit for php platform", "published": "2012-04-17T00:00:00", "modified": "2012-04-17T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/37087/", "reporter": "Marcos Garcia", "references": [], "cvelist": ["CVE-2012-2234"], "lastseen": "2016-02-04T05:03:22", "viewCount": 3, "enchantments": {"score": {"value": 5.6, "vector": "NONE", "modified": "2016-02-04T05:03:22", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-2234"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:111905"]}], "modified": "2016-02-04T05:03:22", "rev": 2}, "vulnersScore": 5.6}, "sourceHref": "https://www.exploit-db.com/download/37087/", "sourceData": "source: http://www.securityfocus.com/bid/53038/info\r\n\r\nTeamPass is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input.\r\n\r\nAttacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and control how the site is rendered to the user; other attacks are also possible.\r\n\r\nTeamPass 2.1.5 is vulnerable; other versions may also be affected.\r\n\r\nPOST /TeamPass/sources/users.queries.php HTTP/1.1\r\ntype=add_new_user&login=[XSS]&pw=testing2&email=test&admin=false&manager=true&read_only=false&personal_folder=false&new_folder_role_domain=false&domain=test&key=key ", "osvdbidlist": ["81197"]}

{"cve": [{"lastseen": "2021-02-02T05:59:48", "description": "Cross-site scripting (XSS) vulnerability in sources/users.queries.php in TeamPass before 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the login parameter in an add_new_user action.", "edition": 6, "cvss3": {}, "published": "2012-04-22T03:44:00", "title": "CVE-2012-2234", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2234"], "modified": "2017-12-13T02:29:00", "cpe": ["cpe:/a:teampass:teampass:2.1.3", "cpe:/a:teampass:teampass:2.1.2", "cpe:/a:teampass:teampass:2.1", "cpe:/a:teampass:teampass:2.1.1", "cpe:/a:teampass:teampass:2.1.4", "cpe:/a:teampass:teampass:2.1.5"], "id": "CVE-2012-2234", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2234", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:teampass:teampass:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:teampass:teampass:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:teampass:teampass:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:teampass:teampass:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:teampass:teampass:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:teampass:teampass:2.1:*:*:*:*:*:*:*"]}], "packetstorm": [{"lastseen": "2016-12-05T22:20:03", "description": "", "published": "2012-04-17T00:00:00", "type": "packetstorm", "title": "ETeamPass 2.1.5 Cross Site Scripting", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-2234"], "modified": "2012-04-17T00:00:00", "id": "PACKETSTORM:111905", "href": "https://packetstormsecurity.com/files/111905/ETeamPass-2.1.5-Cross-Site-Scripting.html", "sourceData": "`Title: ETeamPass v2.1.5 (users.queries.php) Persistent Cross-Site \nScripting (XSS) \nType: Remote \nSeverity: Medium \nImpact: Direct execution of arbitrary code in the context of Webserver user. \nRelease Date: 16.04.2012 \nCVE: CVE-2012-2234 \nAuthor: Marcos Garcia (@artsweb) \nRelease mode: Coordinated release \n \nSummary \n======= \n \nTeamPass is a Passwords Manager dedicated for managing passwords in a \ncollaborative way on any server Apache, MySQL and PHP. \n \nDescription \n=========== \n \nA Persistent Cross Site Scripting vulnerability was found in TeamPass, \nbecause the application fails to sanitize user-supplied input. The \nvulnerability can be triggered by any user. \n \n \nVendor \n====== \n \nTeamPass - http://www.teampass.net/ \n \n \nAffected Version \n================ \n \n2.1.5 \n \nPoC \n=== \nAttack: login=[XSS] (POST) \n \nPOST /TeamPass/sources/users.queries.php HTTP/1.1 \ntype=add_new_user&login=[XSS]&pw=testing2&email=test&admin=false&manager=true&read_only=false&personal_folder=false&new_folder_role_domain=false&domain=test&key=key \n \n \nSolution \n======== \n \nUpgrade to TeamPass v2.1.6 (http://www.teampass.net/download/) \n`\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/111905/eteampass-xss.txt"}]}