CyberSec.Space Logo
Back to CVE Browser

CVE-2017-9436

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile18.68th
PublishedJun 5, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.

Affected Platforms (CPE)

πŸ“¦
Teampass

Teampass

= 2.1.20.0
πŸ“¦
Teampass

Teampass

= 2.1.22.0
πŸ“¦
Teampass

Teampass

= 2.1.23.1
πŸ“¦
Teampass

Teampass

= 2.1.23.2
πŸ“¦
Teampass

Teampass

= 2.1.23.3
πŸ“¦
Teampass

Teampass

= 2.1.23.4
πŸ“¦
Teampass

Teampass

= 2.1.24.0
πŸ“¦
Teampass

Teampass

= 2.1.24.1
πŸ“¦
Teampass

Teampass

= 2.1.24.2
πŸ“¦
Teampass

Teampass

= 2.1.24.3
πŸ“¦
Teampass

Teampass

= 2.1.24.4
πŸ“¦
Teampass

Teampass

= 2.1.25.0
πŸ“¦
Teampass

Teampass

= 2.1.25.1
πŸ“¦
Teampass

Teampass

= 2.1.25.2
πŸ“¦
Teampass

Teampass

= 2.1.26
πŸ“¦
Teampass

Teampass

= 2.1.26.0
πŸ“¦
Teampass

Teampass

= 2.1.26.1
πŸ“¦
Teampass

Teampass

= 2.1.26.2
πŸ“¦
Teampass

Teampass

= 2.1.26.3
πŸ“¦
Teampass

Teampass

= 2.1.26.4
πŸ“¦
Teampass

Teampass

= 2.1.26.5
πŸ“¦
Teampass

Teampass

= 2.1.26.6
πŸ“¦
Teampass

Teampass

= 2.1.26.7
πŸ“¦
Teampass

Teampass

= 2.1.26.8
πŸ“¦
Teampass

Teampass

= 2.1.26.9
πŸ“¦
Teampass

Teampass

= 2.1.26.10
πŸ“¦
Teampass

Teampass

= 2.1.26.11
πŸ“¦
Teampass

Teampass

= 2.1.26.12
πŸ“¦
Teampass

Teampass

= 2.1.26.13
πŸ“¦
Teampass

Teampass

= 2.1.26.14
πŸ“¦
Teampass

Teampass

= 2.1.26.15
πŸ“¦
Teampass

Teampass

= 2.1.26.16
πŸ“¦
Teampass

Teampass

= 2.1.26.17
πŸ“¦
Teampass

Teampass

= 2.1.26.18
πŸ“¦
Teampass

Teampass

= 2.1.26.19
πŸ“¦
Teampass

Teampass

= 2.1.27.0
πŸ“¦
Teampass

Teampass

= 2.1.27.1
πŸ“¦
Teampass

Teampass

= 2.1.27.2
πŸ“¦
Teampass

Teampass

= 2.1.27.3

References & Advisories

πŸ”— https://github.com/nilsteampassnet/TeamPass/blob/master/changelog.md
πŸ”— https://github.com/nilsteampassnet/TeamPass/blob/master/changelog.md

Related Vulnerabilities

CVE-2015-75649.8

Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via...

CVE-2019-10000019.8

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults t...

CVE-2020-124798.8

TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request w...

CVE-2015-75638.8

Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authenticatio...