mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
786 B
786 B
CVE-2014-3772
Description
TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via a request to index.php followed by a direct request to a file that calls the session_start function before checking the CPM key, as demonstrated by a request to sources/upload/upload.files.php.
POC
Reference
Github
No PoCs found on GitHub currently.