Описание
TeamPass PHP arbitrary file include vulnerability
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
Пакеты
Наименование
nilsteampassnet/teampass
composer
Затронутые версииВерсия исправления
<= 2.1.27.36
Отсутствует
Связанные уязвимости
CVSS3: 8.8
nvd
почти 6 лет назад
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
CVSS3: 8.8
debian
почти 6 лет назад
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a ...