Описание
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| teampass | itp | package |
Связанные уязвимости
CVSS3: 8.8
nvd
почти 6 лет назад
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
CVSS3: 8.8
github
больше 3 лет назад
TeamPass PHP arbitrary file include vulnerability