Teampass 2.1.26.8: Unauthenticated SQL Injection

12 Dec 2016 by Martin Bednorz

Teampass

The next gift in our advent calendar reveals security issues in Teampass, a collaborative password manager first published in late 2011. We detected a critical unauthenticated SQL injection and many file inclusions which could have led to many leaked passwords and angry users. The issues were reported and fixed earlier this year.

Read More