mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-29 16:20:47 +02:00
797 B
797 B
CVE-2014-3772
Description
TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via a request to index.php followed by a direct request to a file that calls the session_start function before checking the CPM key, as demonstrated by a request to sources/upload/upload.files.php.
POC
Reference
Github
No PoCs found on GitHub currently.