SecuritySpace - CVE-2014-3772

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2014-3772

Description: TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via a request to index.php followed by a direct request to a file that calls the session_start function before checking the CPM key, as demonstrated by a request to sources/upload/upload.files.php.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-3772
http://www.openwall.com/lists/oss-security/2014/05/18/2
http://www.openwall.com/lists/oss-security/2014/05/19/5

CVE ID:	CVE-2014-3772
Description:	TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via a request to index.php followed by a direct request to a file that calls the session_start function before checking the CPM key, as demonstrated by a request to sources/upload/upload.files.php.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3772 http://www.openwall.com/lists/oss-security/2014/05/18/2 http://www.openwall.com/lists/oss-security/2014/05/19/5