nilsteampassnet

26 exploits Active since Oct 2017
CVE-2017-15278 WRITEUP MEDIUM WRITEUP
TeamPass < 2.1.27.9 - Cross-Site Scripting in Folders Queries
Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
CVSS 5.4
CVE-2023-1545 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.0.23 - SQL Injection
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVSS 7.5
CVE-2023-2516 WRITEUP MEDIUM WRITEUP
TeamPass < 3.0.7 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVSS 5.4
CVE-2023-2591 WRITEUP MEDIUM WRITEUP
TeamPass < 3.0.7 - Cross-Site Scripting
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVSS 5.4
CVE-2023-2859 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.9 - Code Injection
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 8.8
CVE-2023-3009 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.9 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 5.4
CVE-2017-15051 WRITEUP MEDIUM WRITEUP
TeamPass < 2.1.27.9 - Authenticated Stored Cross-Site Scripting via Item URL or User Log History
Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass before 2.1.27.9 allow authenticated remote attackers to inject arbitrary web script or HTML via the (1) URL value of an item or (2) user log history. To exploit the vulnerability, the attacker must be first authenticated to the application. For the first one, the attacker has to simply inject XSS code within the URL field of a shared item. For the second one however, the attacker must prepare a payload within its profile, and then ask an administrator to modify its profile. From there, whenever the administrator accesses the log, it can be XSS'ed.
CVSS 5.4
CVE-2017-15052 WRITEUP MEDIUM WRITEUP
TeamPass < 2.1.27.9 - Authenticated Privilege Escalation via users.queries.php ID Parameter Tampering
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to delete an arbitrary user (including admin), or modify attributes of any arbitrary user except administrator. To exploit the vulnerability, an authenticated attacker must have the manager rights on the application, then tamper with the requests sent directly, for example by changing the "id" parameter when invoking "delete_user" on users.queries.php.
CVSS 4.9
CVE-2017-15053 WRITEUP MEDIUM WRITEUP
TeamPass < 2.1.27.9 - Authenticated Privilege Escalation via roles.queries.php ID Parameter Tampering
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting roles.queries.php. It is then possible for a manager user to modify any arbitrary roles within the application, or delete any arbitrary role. To exploit the vulnerability, an authenticated attacker must have the manager rights on the application, then tamper with the requests sent directly, for example by changing the "id" parameter when invoking "delete_role" on roles.queries.php.
CVSS 4.9
CVE-2017-15054 WRITEUP HIGH WRITEUP
TeamPass < 2.1.27.9 - Authenticated Arbitrary File Upload and Remote Code Execution via upload.files.php
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upload.files.php, in order to select the correct branch and be able to upload any arbitrary file. From there, it can simply access the file to execute code on the server.
CVSS 7.5
CVE-2017-15055 WRITEUP HIGH WRITEUP
TeamPass < 2.1.27.9 - Authenticated Improper Privilege Management via items.queries.php
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the file attachments of an arbitrary item, copy the password of an arbitrary item to the copy/paste buffer, access the history of an arbitrary item, and edit attributes of an arbitrary directory. To exploit the vulnerability, an authenticated attacker must tamper with the requests sent directly, for example by changing the "item_id" parameter when invoking "copy_item" on items.queries.php.
CVSS 8.1
CVE-2023-1070 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.0.22 - Path Traversal
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVSS 7.1
CVE-2023-1463 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.0.23 - Auth Bypass
Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVSS 5.4
CVE-2023-2021 WRITEUP MEDIUM WRITEUP
TeamPass < 3.0.3 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3.
CVSS 5.4
CVE-2023-3083 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.9 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 8.7
CVE-2023-3084 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.9 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 8.1
CVE-2023-3086 WRITEUP CRITICAL WRITEUP
nilsteampassnet/teampass <3.0.9 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 9.0
CVE-2023-3095 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.9 - Info Disclosure
Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 6.5
CVE-2023-3190 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.9 - Info Disclosure
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 4.6
CVE-2023-3191 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.9 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS 5.4
CVE-2023-3531 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.10 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS 5.4
CVE-2023-3551 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.10 - Code Injection
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS 7.2
CVE-2023-3552 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.10 - Info Disclosure
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS 5.4
CVE-2023-3553 WRITEUP HIGH WRITEUP
nilsteampassnet/teampass <3.0.10 - Info Disclosure
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS 7.5
CVE-2023-3565 WRITEUP MEDIUM WRITEUP
nilsteampassnet/teampass <3.0.10 - XSS
Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS 5.4