CVE-2017-15055
CVE-2017-15055 relates to TeamPass before 2.1.27.9, where item access control is not properly enforced in items.queries.php. An authenticated attacker can tamper with requests (e.g., changing item_id in copy_item) to copy, edit, delete arbitrary items, delete attachments, copy passwords to the cl...