nilsteampassnet/teampass Security Advisories for 2.1.21 (41)
-
[CRITICAL] TeamPass privileges issue
PKSA-x31v-w4h8-4xrb CVE-2024-50703 GHSA-9wmc-988h-2mv2
Affected version: <3.1.3.1
Reported by:
GitHub -
[MEDIUM] TeamPass mail_me operation authorization issue
PKSA-r8k5-qv9m-hf6j CVE-2024-50702 GHSA-7rm3-4w6j-8xx4
Affected version: <3.1.3.1
Reported by:
GitHub -
[MEDIUM] TeamPass does not properly check whether a folder is in a user's allowed folders list
PKSA-q4rt-5vfc-wksb CVE-2024-50701 GHSA-2697-96mv-3gfm
Affected version: <3.1.3.1
Reported by:
GitHub -
[MEDIUM] TeamPass Cross-site Scripting vulnerability
PKSA-pb9g-rpcq-83fc CVE-2023-3565 GHSA-524r-w8fx-hqg3
Affected version: <3.0.10
Reported by:
GitHub -
[HIGH] TeamPass information exposure vulnerability
PKSA-w4w9-g4tx-p5pd CVE-2023-3553 GHSA-2rhg-hqq9-8xjh
Affected version: <3.0.10
Reported by:
GitHub -
[HIGH] TeamPass vulnerable to Improper Encoding or Escaping of Output
PKSA-771w-4gkn-c7y4 CVE-2023-3552 GHSA-2cv5-qvq3-6276
Affected version: <3.0.10
Reported by:
GitHub -
[CRITICAL] TeamPass Code Injection vulnerability
PKSA-vwpw-dqkm-xzp3 CVE-2023-3551 GHSA-97hm-2mfr-2p97
Affected version: <3.0.10
Reported by:
GitHub -
[HIGH] TeamPass Cross-site Scripting vulnerability
PKSA-5qtx-xpyd-1yf5 CVE-2023-3531 GHSA-pwrw-g29q-3mp8
Affected version: <3.0.10
Reported by:
GitHub -
[MEDIUM] Teampass Cross-site Scripting vulnerability
PKSA-r6ns-4jm3-9drv CVE-2023-3190 GHSA-p7xm-g427-jxfc
Affected version: <3.0.9
Reported by:
GitHub -
[MEDIUM] Teampass Cross-site Scripting vulnerability
PKSA-7mjs-bx53-v3y9 CVE-2023-3191 GHSA-qmw8-x364-xxxm
Affected version: <3.0.9
Reported by:
GitHub -
[MEDIUM] TeamPass vulnerable to Improper Access Control
PKSA-kt85-jcm7-fbt9 CVE-2023-3095 GHSA-g3jr-6vj4-3x82
Affected version: <3.0.9
Reported by:
GitHub -
[CRITICAL] TeamPass vulnerable to stored Cross-site Scripting
PKSA-7571-wnkg-2d8b CVE-2023-3086 GHSA-j245-v2mh-5h6f
Affected version: <3.0.9
Reported by:
GitHub -
[HIGH] TeamPass vulnerable to stored Cross-site Scripting
PKSA-9fw1-zxsm-t81q CVE-2023-3084 GHSA-8vm8-38pc-8xhh
Affected version: <3.0.9
Reported by:
GitHub -
[HIGH] TeamPass vulnerable to stored Cross-site Scripting
PKSA-3pmc-58zr-5cdy CVE-2023-3083 GHSA-c6fv-3jm9-6r8f
Affected version: <3.0.9
Reported by:
GitHub -
[MEDIUM] nilsteampassnet/teampass vulnerable to cross-site scripting
PKSA-6kdw-k3mb-gbr3 CVE-2023-3009 GHSA-h5g9-2p35-54c7
Affected version: <3.0.9
Reported by:
GitHub -
[HIGH] Code injection in nilsteampassnet/teampass
PKSA-7n5c-c189-ctb4 CVE-2023-2859 GHSA-h6jh-cf83-qcq5
Affected version: <3.0.9
Reported by:
GitHub -
[HIGH] teampass vulnerable to code injection
PKSA-c3yr-7v4h-w8zv CVE-2023-2591 GHSA-prj5-2g2p-x2mw
Affected version: <3.0.7
Reported by:
GitHub -
[MEDIUM] Cross Site Scripting in nilsteampassnet/teampass
PKSA-v1q2-jqzm-qy2x CVE-2023-2516 GHSA-2ffp-w665-9mgx
Affected version: <3.0.7
Reported by:
GitHub -
[MEDIUM] nilsteampassnet/teampass vulnerable to stored cross-site scripting (XSS)
PKSA-y8kv-8pf6-vbdt CVE-2023-2021 GHSA-4h2q-84w7-4mhx
Affected version: <3.0.3
Reported by:
GitHub -
[HIGH] Teampass SQL Injection vulnerability
PKSA-g6nv-nymt-yp1k CVE-2023-1545 GHSA-ppxm-q2h4-v7mm
Affected version: <3.0.0.22
Reported by:
GitHub -
[MEDIUM] Improper Authorization in nilsteampassnet/teampass
PKSA-9q4m-4ysp-517k CVE-2023-1463 GHSA-86jq-pwgx-6vrq
Affected version: <3.0.0.23
Reported by:
GitHub -
[HIGH] TeamPass External Control of File Name or Path vulnerability
PKSA-qwf6-z7qw-sq21 CVE-2023-1070 GHSA-x36g-4629-xp9v
Affected version: <3.0.0.23
Reported by:
GitHub -
[MEDIUM] TeamPass Cross-site Scripting (XSS) vulnerability
PKSA-94ft-pncz-4xgt CVE-2019-16904 GHSA-rpmr-fwh5-24fm
Affected version: <=2.1.27.36
Reported by:
GitHub -
[HIGH] TeamPass PHP arbitrary file include vulnerability
PKSA-j8ct-gbw2-67qj CVE-2020-12479 GHSA-6jf9-8m34-96w5
Affected version: <=2.1.27.36
Reported by:
GitHub -
[MEDIUM] TeamPass Stored Cross-site Scripting
PKSA-k7bx-3ngj-vxtr CVE-2019-17205 GHSA-v969-5v7f-pmg2
Affected version: <=2.1.27.36
Reported by:
GitHub -
[MEDIUM] TeamPass Stored Cross-site Scripting
PKSA-dq18-f2hf-j2d5 CVE-2019-17203 GHSA-pqx8-q35p-pgcv
Affected version: <=2.1.27.36
Reported by:
GitHub -
[MEDIUM] TeamPass Stored Cross-site Scripting
PKSA-xx3n-ngdy-n2g5 CVE-2019-17204 GHSA-qx37-225j-qr89
Affected version: <=2.1.27.36
Reported by:
GitHub -
[MEDIUM] TeamPass Cross-site Scripting (XSS)
PKSA-v6h9-zk26-qvvb CVE-2019-12950 GHSA-m3pp-jcpm-2vr9
Affected version: <=2.1.27.35
Reported by:
GitHub -
[CRITICAL] TeamPass vulnerable to SQL Injection
PKSA-g64y-t1cw-hhfb CVE-2015-7564 GHSA-r64j-5w3w-fp49
Affected version: <2.1.25
Reported by:
GitHub -
[MEDIUM] TeamPass vulnerable to Cross-site Scripting
PKSA-p1mp-b1kr-np1k CVE-2015-7562 GHSA-48q3-m4hf-56c9
Affected version: <2.1.25
Reported by:
GitHub -
[CRITICAL] TeamPass SQL injection in users.queries.php
PKSA-8zhz-4rvg-9xsw CVE-2017-9436 GHSA-cm26-gp8j-w6xf
Affected version: <2.1.27.5
Reported by:
GitHub -
[MEDIUM] TeamPass Cross-Site Scripting (XSS)
PKSA-tmqs-sp77-dd7y CVE-2017-15278 GHSA-28pv-2j2h-fmhc
Affected version: <2.1.27.9
Reported by:
GitHub -
[HIGH] TeamPass arbitrary file upload vulnerability
PKSA-m5fb-8y5f-7kfz CVE-2017-15054 GHSA-rm3q-qfrm-frrv
Affected version: <2.1.27.9
Reported by:
GitHub -
[MEDIUM] TeamPass stored cross-site scripting (XSS) vulnerability
PKSA-dw7w-yrc3-cfg2 CVE-2017-15051 GHSA-r68m-4v39-cf43
Affected version: <2.1.27.9
Reported by:
GitHub -
[HIGH] TeamPass Improper Privilege Management
PKSA-kkmd-wpkb-c2f1 CVE-2017-15055 GHSA-7ghm-6p42-h226
Affected version: <2.1.27.9
Reported by:
GitHub -
[MEDIUM] TeamPass Improper Privilege Management
PKSA-qrf6-ystk-55hk CVE-2017-15053 GHSA-xvjf-394g-phrr
Affected version: <2.1.27.9
Reported by:
GitHub -
[MEDIUM] TeamPass Improper Privilege Management
PKSA-5341-fn3x-2gzv CVE-2017-15052 GHSA-5qr3-4839-88gf
Affected version: <2.1.27.9
Reported by:
GitHub -
[CRITICAL] TeamPass Storing Passwords in a Recoverable Format vulnerability
PKSA-hrns-yqzq-5rfv CVE-2019-1000001 GHSA-q9qr-h33g-fw3j
Affected version: <=2.1.27
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in teampass
PKSA-rwpn-cdxx-qr56 CVE-2022-26980 GHSA-m2wv-m5pf-284r
Affected version: <=2.1.26
Reported by:
GitHub -
[HIGH] Missing Authorization in TeamPass
PKSA-7jtv-d8pm-9qzj CVE-2020-11671 GHSA-gmr7-m73x-6c9q
Affected version: <=2.1.27.36
Reported by:
GitHub -
[HIGH] Incorrect Authorization in TeamPass
PKSA-nf33-sywv-t2tv CVE-2020-12477 GHSA-fv48-hjhp-94c7
Affected version: <=2.1.27.36
Reported by:
GitHub