
Nilsteampassnet Teampass vulnerabilities

41 known vulnerabilities affecting nilsteampassnet/teampass.

Total CVEs: 41
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: CRITICAL 6, HIGH 14, MEDIUM 21

Vulnerabilities

Page 1 of 3
CVE-2015-7564 | P2 | CRITICAL | PoC | affected versions: ≥ 0, < 2.1.25 | 2022-05-17
CWE-89: TeamPass vulnerable to SQL Injection
Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php.
CVE-2023-1545 | P2 | HIGH | PoC | affected versions: ≥ 0, < 3.0.0.22 | 2023-03-21
CWE-89: Teampass SQL Injection vulnerability
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVE-2019-1000001 | P3 | CRITICAL | affected versions: ≥ 0, ≤ 2.1.27 | 2022-05-13
CWE-522: TeamPass Storing Passwords in a Recoverable Format vulnerability
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role assignment and can lead to shared pa
CVE-2015-7562 | P4 | MEDIUM | PoC | affected versions: ≥ 0, < 2.1.25 | 2022-05-17
CWE-79: TeamPass vulnerable to Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role.
CVE-2017-15054 | P3 | HIGH | affected versions: ≥ 0, < 2.1.27.9 | 2022-05-17
CWE-434: TeamPass arbitrary file upload vulnerability
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upload.files.php, in order to select the correct branch and be able to upload any arbitrary file. From
CVE-2020-12479 | P3 | HIGH | affected versions: ≥ 0, ≤ 2.1.27.36 | 2022-05-24
CWE-22: TeamPass PHP arbitrary file include vulnerability
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
CVE-2017-15055 | P3 | HIGH | affected versions: ≥ 0, < 2.1.27.9 | 2022-05-13
CWE-269: TeamPass Improper Privilege Management
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the file attachments of an arbitrary item, copy the password of an arbitrary item to the copy/paste buffer, access t
CVE-2023-2859 | P3 | HIGH | affected versions: ≥ 0, < 3.0.9 | 2023-05-24
CWE-94: Code injection in nilsteampassnet/teampass
nilsteampassnet/teampass prior to 3.0.9 is vulnerable to code injection. A malicious user could potentially rename a folder with a payload containing malicious code. This could result in an attack on an admin who edits the folder, as the payload could execute upon the admin's interaction with the folder. This attack could potentially allow the attacker to gain unauthorized access to
CVE-2020-11671 | P3 | HIGH | affected versions: ≥ 0, ≤ 2.1.27.36 | 2021-07-26
CWE-862: Missing Authorization in TeamPass
Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default.
CVE-2017-9436 | P3 | CRITICAL | affected versions: ≥ 0, < 2.1.27.5 | 2022-05-17
CWE-89: TeamPass SQL injection in users.queries.php
TeamPass before 2.1.27.5 is vulnerable to a SQL injection in users.queries.php.
CVE-2024-50703 | P3 | CRITICAL | affected versions: ≥ 0, < 3.1.3.1 | 2024-12-30
CWE-472: TeamPass privileges issue
TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.
CVE-2020-12477 | P3 | HIGH | affected versions: ≥ 0, ≤ 2.1.27.36 | 2021-07-26
CWE-863: Incorrect Authorization in TeamPass
The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function.
CVE-2023-3553 | P3 | HIGH | affected versions: ≥ 0, < 3.0.10 | 2023-07-08
CWE-200: TeamPass information exposure vulnerability
TeamPass prior to 3.0.10 allows unauthenticated actors to view application-specific and user data and files by viewing an endpoint directory listing.
CVE-2023-3551 | P3 | CRITICAL | affected versions: ≥ 0, < 3.0.10 | 2023-07-08
CWE-94: TeamPass Code Injection vulnerability
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVE-2023-3083 | P3 | HIGH | affected versions: ≥ 0, < 3.0.9 | 2023-06-03
CWE-79: TeamPass vulnerable to stored Cross-site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-3086 | P3 | CRITICAL | affected versions: ≥ 0, < 3.0.9 | 2023-06-03
CWE-79: TeamPass vulnerable to stored Cross-site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-3095 | P3 | MEDIUM | affected versions: ≥ 0, < 3.0.9 | 2023-06-04
CWE-284: TeamPass vulnerable to Improper Access Control
Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-1070 | P4 | HIGH | affected versions: ≥ 0, < 3.0.0.23 | 2023-02-27
CWE-73: TeamPass External Control of File Name or Path vulnerability
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVE-2023-3084 | P4 | HIGH | affected versions: ≥ 0, < 3.0.9 | 2023-06-03
CWE-79: TeamPass vulnerable to stored Cross-site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2017-15052 | P4 | MEDIUM | affected versions: ≥ 0, < 2.1.27.9 | 2022-05-13
CWE-269: TeamPass Improper Privilege Management
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to delete an arbitrary user (including admin), or modify attributes of any arbitrary user except administrator. To exploit the vulnerability, an authenticated attacker must have the manager rights on the application, then tamper with the req