2 matches found
CVE-2014-3773
Multiple SQL injection vulnerabilities in TeamPass before 2.1.20 allow remote attackers to execute arbitrary SQL commands via the login parameter in a 1 sendpwbyemail or 2 generatenewpassword action in sources/main.queries.php; iDisplayStart parameter to 3 datatable.logs.php or 4 a file in...
CVE-2014-3773
CVE-2014-3773 concerns TeamPass prior to version 2.1.20, with multiple SQL injection vulnerabilities exposed through various parameters in the web interface. The affected components include sources/main.queries.php (login-related actions: send_pw_by_email, generate_new_password) and data handling...