CVE-2023-1545

This Python script exploits a SQL injection vulnerability in TeamPass (CVE-2023-1545) by injecting malicious SQL queries into the login parameter of the API endpoint. It extracts user credentials by leveraging a UNION-based SQL injection technique and decoding JWT tokens.

This PoC exploits a SQL injection vulnerability in Teampass's API authorization endpoint to dump user credentials. It uses a UNION-based attack to extract usernames and password hashes from the database.

This is a functional SQL Injection PoC for CVE-2023-1545 targeting Teampass versions prior to 3.0.0.23. It exploits an authentication bypass via SQLi to extract user credentials from the database.

This PoC exploits a SQL injection vulnerability in Teampass via the API endpoint, allowing an attacker to extract user credentials by manipulating the login parameter. It demonstrates the ability to bypass authentication and dump user data.

This exploit leverages a SQL injection vulnerability in CVE-2023-1545 to extract user credentials from the teampass_users table. It bypasses authentication by injecting a UNION SELECT query and retrieves usernames and password hashes.