18 matches found
CVE-2023-2859
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
Improper Access Control
nilsteampassnet/teampass is vulnerable to Improper Access Control. A remote authenticated attacker is able to gain access to read the information of other users via guessing and editing the ID on the request, resulting in disclosure of sensitive information...
CVE-2023-3565
Cross-site Scripting XSS - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10...
CVE-2023-3565
CVE-2023-3565 corresponds to a Cross-site Scripting (XSS) vulnerability in TeamPass (nilsteampassnet/teampass) prior to version 3.0.10. Multiple connected records confirm the issue as a generic XSS condition in the GitHub repo, with remediation guidance to upgrade to 3.0.10 or newer. Some sources...
CVE-2023-3190 Improper Encoding or Escaping of Output in nilsteampassnet/teampass
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-3086
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-3084
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-3086 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-3009
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-3009 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-2859 Code Injection in nilsteampassnet/teampass
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9...
CVE-2023-2516
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7...
CVE-2023-2516 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7...
CVE-2023-2021 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass
Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3...
Sql injection
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23...
CVE-2023-1545 SQL Injection in nilsteampassnet/teampass
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23...
CVE-2023-1070 External Control of File Name or Path in nilsteampassnet/teampass
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22...
Cross-site Scripting (XSS)
nilsteampassnet/TeamPass is vulnerable to cross-site scripting XSS. The vulnerability exists as the value of password is not sanitized when displayed in a preview from a search result...