Packagist (Composer) package

nilsteampassnet/teampass

pkg:composer/nilsteampassnet/teampass

Vulnerabilities (42)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-1463		—	< 3.0.0.23	3.0.0.23	Mar 17, 2023	Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVE-2023-1070		—	< 3.0.0.23	3.0.0.23	Feb 27, 2023	External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVE-2022-26980		—	<= 2.1.26	—	Mar 28, 2022	Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO.
CVE-2020-11671		—	<= 2.1.27.36	—	May 4, 2020	Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by de
CVE-2020-12477		—	<= 2.1.27.36	—	Apr 29, 2020	The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function.
CVE-2020-12478		—	—	—	Apr 29, 2020	TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files.
CVE-2020-12479		—	<= 2.1.27.36	—	Apr 29, 2020	TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
CVE-2019-17203		—	<= 2.1.27.36	—	Oct 5, 2019	TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder.
CVE-2019-17204		—	<= 2.1.27.36	—	Oct 5, 2019	TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item.
CVE-2019-17205		—	<= 2.1.27.36	—	Oct 5, 2019	TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
CVE-2019-16904		—	<= 2.1.27.36	—	Sep 26, 2019	TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. (The crafted password is exploitable when viewing the change history of the item or tapping on the item.)
CVE-2019-12950		—	<= 2.1.27.35	—	Aug 6, 2019	An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php "Import items" feature, it is possible to load a crafted CSV file with an XSS payload.
CVE-2019-1000001		—	<= 2.1.27	—	Feb 4, 2019	TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authen
CVE-2017-15055	Hig	8.1	< 2.1.27.9	2.1.27.9	Nov 27, 2017	TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the f
CVE-2017-15054	Hig	7.5	< 2.1.27.9	2.1.27.9	Nov 27, 2017	An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upl
CVE-2017-15053	Med	4.9	< 2.1.27.9	2.1.27.9	Nov 27, 2017	TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting roles.queries.php. It is then possible for a manager user to modify any arbitrary roles within the application, or delete any arbitrary role. To exploit the vulnerability, an authenticated a
CVE-2017-15052	Med	4.9	< 2.1.27.9	2.1.27.9	Nov 27, 2017	TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to delete an arbitrary user (including admin), or modify attributes of any arbitrary user except administrator. To exploit the vulne
CVE-2017-15051	Med	5.4	< 2.1.27.9	2.1.27.9	Nov 27, 2017	Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass before 2.1.27.9 allow authenticated remote attackers to inject arbitrary web script or HTML via the (1) URL value of an item or (2) user log history. To exploit the vulnerability, the attacker must be first au
CVE-2017-15278	Med	5.4	< 2.1.27.9	2.1.27.9	Oct 12, 2017	Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website
CVE-2017-9436	Cri	9.8	< 2.1.27.5	2.1.27.5	Jun 5, 2017	TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.

CVE-2023-1463Mar 17, 2023
affected < 3.0.0.23fixed 3.0.0.23
Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVE-2023-1070Feb 27, 2023
affected < 3.0.0.23fixed 3.0.0.23
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVE-2022-26980Mar 28, 2022
affected <= 2.1.26
Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO.
CVE-2020-11671May 4, 2020
affected <= 2.1.27.36
Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by de
CVE-2020-12477Apr 29, 2020
affected <= 2.1.27.36
The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function.
CVE-2020-12478Apr 29, 2020
TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files.
CVE-2020-12479Apr 29, 2020
affected <= 2.1.27.36
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
CVE-2019-17203Oct 5, 2019
affected <= 2.1.27.36
TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder.
CVE-2019-17204Oct 5, 2019
affected <= 2.1.27.36
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Base label and adding any available item.
CVE-2019-17205Oct 5, 2019
affected <= 2.1.27.36
TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
CVE-2019-16904Sep 26, 2019
affected <= 2.1.27.36
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. (The crafted password is exploitable when viewing the change history of the item or tapping on the item.)
CVE-2019-12950Aug 6, 2019
affected <= 2.1.27.35
An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php "Import items" feature, it is possible to load a crafted CSV file with an XSS payload.
CVE-2019-1000001Feb 4, 2019
affected <= 2.1.27
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authen
CVE-2017-15055HigNov 27, 2017
affected < 2.1.27.9fixed 2.1.27.9
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary item into a directory controlled by the attacker, edit any item within a read-only directory, delete an arbitrary item, delete the f
CVE-2017-15054HigNov 27, 2017
affected < 2.1.27.9fixed 2.1.27.9
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upl
CVE-2017-15053MedNov 27, 2017
affected < 2.1.27.9fixed 2.1.27.9
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting roles.queries.php. It is then possible for a manager user to modify any arbitrary roles within the application, or delete any arbitrary role. To exploit the vulnerability, an authenticated a
CVE-2017-15052MedNov 27, 2017
affected < 2.1.27.9fixed 2.1.27.9
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to delete an arbitrary user (including admin), or modify attributes of any arbitrary user except administrator. To exploit the vulne
CVE-2017-15051MedNov 27, 2017
affected < 2.1.27.9fixed 2.1.27.9
Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass before 2.1.27.9 allow authenticated remote attackers to inject arbitrary web script or HTML via the (1) URL value of an item or (2) user log history. To exploit the vulnerability, the attacker must be first au
CVE-2017-15278MedOct 12, 2017
affected < 2.1.27.9fixed 2.1.27.9
Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website
CVE-2017-9436CriJun 5, 2017
affected < 2.1.27.5fixed 2.1.27.5
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.

Page 2 of 3