CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15054
https://notcve.org/view.php?id=CVE-2017-15054
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upload.files.php, in order to select the correct branch and be able to upload any arbitrary file. From there, it can simply access the file to execute code on the server. Una vulnerabilidad de subida de archivos arbitrarios, presente en versiones anteriores a la 2.1.27.9 de TeamPass, permite que usuarios autenticados remotos suban archivos arbitrarios conduciendo a la ejecución remota de comandos. Para explotar esta vulnerabilidad, un atacante autenticado tiene que alterar los parámetros de una petición en upload.files.php para seleccionar la rama correcta y ser capaz de subir cualquier archivo arbitrario. • http://blog.amossys.fr/teampass-multiple-cve-01.html https://github.com/nilsteampassnet/TeamPass/commit/9811c9d453da4bd1101ff7033250d1fbedf101fc • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15055
https://notcve.org/view.php?id=CVE-2017-15055
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the file attachments of an arbitrary item, copy the password of an arbitrary item to the copy/paste buffer, access the history of an arbitrary item, and edit attributes of an arbitrary directory. To exploit the vulnerability, an authenticated attacker must tamper with the requests sent directly, for example by changing the "item_id" parameter when invoking "copy_item" on items.queries.php. Las versiones anteriores a la 2.1.27.9 de TeamPass no aplican correctamente el control de acceso de elementos al solicitar items.queries.php. Es posible copiar cualquier elemento arbitrario en un directorio controlado por el atacante, editar cualquier elemento en un directorio de solo lectura, eliminar un elemento arbitrario, eliminar los archivos adjuntos de un elemento arbitrario, copiar la contraseña de un elemento arbitrario en el búfer copy/paste, acceder al historial de un elemento arbitrario y editar los atributos de un directorio arbitrario. • http://blog.amossys.fr/teampass-multiple-cve-01.html https://github.com/nilsteampassnet/TeamPass/commit/5f16f6bb132138ee04eb1e0debf2bdc7d7b7a15f • CWE-269: Improper Privilege Management •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15278
https://notcve.org/view.php?id=CVE-2017-15278
Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. Se ha descubierto Cross-Site Scripting (XSS) en TeamPass en versiones anteriores a la 2.1.27.9. Esta vulnerabilidad existe por un filtrado insuficiente de datos (en /sources/folders.queries.php). • https://github.com/nilsteampassnet/TeamPass/blob/master/changelog.md https://github.com/nilsteampassnet/TeamPass/commit/f5a765381f051fe624386866ddb1f6b5e7eb929b https://github.com/nilsteampassnet/TeamPass/releases/tag/2.1.27.9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 39EXPL: 0CVE-2017-9436
https://notcve.org/view.php?id=CVE-2017-9436
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php. TeamPass anterior a versión 2.1.27.4, es vulnerable a una inyección SQL en el archivo users.queries.php. • https://github.com/nilsteampassnet/TeamPass/blob/master/changelog.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-7562 – TeamPass 2.1.24 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2015-7562
Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) label value of an item or (2) name of a role. Múltiples vulnerabilidades (XSS) en TeamPass 2.1.24 y anteriores permiten a atacantes remotos inyectar secuencias de comandos web o HTLM a través del (1) valor de etiqueta o (2) nombre de una función. • https://www.exploit-db.com/exploits/39559 https://github.com/nilsteampassnet/TeamPass/pull/1140 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •