Filtered by vendor Teampass
Subscribe
Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3191 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-3190 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 4.6 MEDIUM |
| Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-3095 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 6.5 MEDIUM |
| Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-3086 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 9.0 CRITICAL |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-3084 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 8.1 HIGH |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-3083 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 8.7 HIGH |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-3009 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-2859 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 8.8 HIGH |
| Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | |||||
| CVE-2023-2591 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7. | |||||
| CVE-2023-2516 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. | |||||
| CVE-2023-2021 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. | |||||
| CVE-2023-1545 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 7.5 HIGH |
| SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. | |||||
| CVE-2023-1463 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 5.4 MEDIUM |
| Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. | |||||
| CVE-2023-1070 | 1 Teampass | 1 Teampass | 2024-11-21 | N/A | 7.1 HIGH |
| External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22. | |||||
| CVE-2022-26980 | 1 Teampass | 1 Teampass | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO. | |||||
| CVE-2020-12479 | 1 Teampass | 1 Teampass | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal. | |||||
| CVE-2020-12478 | 1 Teampass | 1 Teampass | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files. | |||||
| CVE-2020-12477 | 1 Teampass | 1 Teampass | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function. | |||||
| CVE-2020-11671 | 1 Teampass | 1 Teampass | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default. | |||||
| CVE-2019-17205 | 1 Teampass | 1 Teampass | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed. | |||||