Vulnerabilities (CVE)

Filtered by vendor Teampass Subscribe

Filtered by product Teampass

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-1000001	1 Teampass	1 Teampass	2020-08-24	5.0 MEDIUM	9.8 CRITICAL
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role assignment and can lead to shared password leakage.
CVE-2017-9436	1 Teampass	1 Teampass	2017-06-13	7.5 HIGH	9.8 CRITICAL
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.
CVE-2015-7564	1 Teampass	1 Teampass	2017-04-20	7.5 HIGH	9.8 CRITICAL
Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an action_on_quick_icon action to item.query.php or the (2) order or (3) direction parameter in an (a) connections_logs, (b) errors_logs or (c) access_logs action to view.query.php.