10 matches found

Github Security Blog
added 2022/05/24 5:16 p.m. | 17 views

TeamPass PHP arbitrary file include vulnerability

TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal...

CVSS 8.8 | AI score 6.6 | EPSS 0.02422
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2022/05/24 5:16 p.m. | 16 views

GHSA-6JF9-8M34-96W5 TeamPass PHP arbitrary file include vulnerability

TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal...

CVSS 8.8 | AI score 8.4 | EPSS 0.02422
Exploits: 1 | References: 4

Github Security Blog
added 2022/05/24 4:57 p.m. | 15 views

TeamPass Stored Cross-site Scripting

TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed...

CVSS 6.1 | AI score 5.8 | EPSS 0.00427
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2022/05/24 4:57 p.m. | 11 views

GHSA-QX37-225J-QR89 TeamPass Stored Cross-site Scripting

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item...

CVSS 5.4 | AI score 5.4 | EPSS 0.00191
Exploits: 1 | References: 3

CNVD
added 2020/04/30 12:0 a.m. | 2 views

TeamPass Injection Vulnerability

TeamPass is an open source password manager from the developers of Nils Laumaillé software. A security vulnerability exists in TeamPass version 2.1.27.36. An attacker can exploit this vulnerability to retrieve files including backup files or LDAP debug files in the TeamPass web root directory...

CVSS 7.5 | AI score 7 | EPSS 0.35561
Exploits: 1

Prion
added 2020/04/29 10:15 p.m. | 15 views

Code injection

TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files...

CVSS 5 | AI score 7.5 | EPSS 0.35561
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2019/10/05 10:15 p.m. | 14 views

CVE-2019-17204

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item...

CVSS 5.4 | AI score 5.2 | EPSS 0.00191
Exploits: 1 | References: 1

OSV
added 2019/10/05 10:15 p.m. | 9 views

CVE-2019-17204

TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item...

CVSS 5.4 | AI score 5.8
Exploits: 0 | References: 1

OSV
added 2019/10/05 10:15 p.m. | 13 views

CVE-2019-17205

TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed...

CVSS 6.1 | AI score 5.8
Exploits: 0 | References: 1

CVE
added 2019/10/05 9:44 p.m. | 124 views

CVE-2019-17205

The CVE-2019-17205 entry affects TeamPass 2.1.27.36 and describes a Stored XSS vulnerability: an attacker can place an XSS payload in the username field during login, with the payload executing when an administrator views the log of failed logins. This is the concrete vulnerability described acro...

CVSS 6.1 | AI score 6 | EPSS 0.00427
Exploits: 1 | References: 1 | Affected Software: 1