mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-02 19:53:47 +00:00
786 B
786 B
CVE-2014-3772
Description
TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via a request to index.php followed by a direct request to a file that calls the session_start function before checking the CPM key, as demonstrated by a request to sources/upload/upload.files.php.
POC
Reference
Github
No PoCs found on GitHub currently.