Sharetronix: >> Sharetronix >> 3.3 Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in Sharetronix before 3.4 allows remote attackers to hijack the authentication of administrators for requests that add administrative privileges to a user via the admin parameter to admin/administrators.
CVSS Score
6.8
EPSS Score
0.002
Published
2014-05-29
SQL injection vulnerability in Sharetronix before 3.4 allows remote authenticated users to execute arbitrary SQL commands via the invite_users[] parameter to the /invite page for a group.
CVSS Score
6.5
EPSS Score
0.008
Published
2014-05-29