TeamPass SQL Injection Vulnerability (CNVD-2016-04930)
TeamPass is a dedicated password manager for Apache, MySQL and PHP. TeamPass has a SQL injection vulnerability in sources/items.series.php. In a "sendemail" request, when the condition "$POST'cat' == "sharethisitem"" is successful, the POST parameter "id" is unescaped, which can lead to SQL...