Teampass 2.1.26.8: Unauthenticated SQL Injection

12 Dec 2016 by Martin Bednorz

Teampass

The next gift in our advent calendar reveals security issues in Teampass, a collaborative password manager first published in late 2011. We detected a critical unauthenticated SQL injection and many file inclusions which could have led to many leaked passwords and angry users. The issues were reported and fixed earlier this year.

Read More ...