Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TeamPass 路径遍历漏洞
Vulnerability Description
TeamPass是NILS LAUMAILL?软件开发者的一款开源的密码管理器。 TeamPass 2.1.27.36版本中存在安全漏洞。攻击者可通过向sources/users.queries.php文件发送带有‘newValue’参数的HTTP请求利用该漏洞包含任意文件,并可能执行代码。
CVSS Information
N/A
Vulnerability Type
N/A