CVE-2014-3771
TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via the language file path in a (1) request to index.php or (2) "change_user_language" request to sources/main.queries.php.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0035 (0.3%)
Percentil: 57.3%
EPSS: 2026-05-06
Afecta
teampass:teampassDescripción técnica
TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via the language file path in a (1) request to index.php or (2) "change_user_language" request to sources/main.queries.php.
Publicada: 7/8/2014, 11:13:35
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://teampass.net/installation/2.1.20-released.html
- http://www.openwall.com/lists/oss-security/2014/05/18/2
- http://www.openwall.com/lists/oss-security/2014/05/19/5
- https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f
- http://teampass.net/installation/2.1.20-released.html
- http://www.openwall.com/lists/oss-security/2014/05/18/2
- http://www.openwall.com/lists/oss-security/2014/05/19/5
- https://github.com/nilsteampassnet/TeamPass/commit/fd549b245c0f639a8d47bf4f74f92c37c053706f