Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict access to unspecified AJAX functionality, which allows remote attackers to bypass authentication via unknown vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Sharetronix | Sharetronix | * | 3.1.1 (including) |
| Sharetronix | Sharetronix | 3.1.1.3 (including) | 3.1.1.3 (including) |
References
- http://osvdb.org/100607
- http://secunia.com/advisories/53936
- http://secunia.com/secunia_research/2013-12/
- http://www.securityfocus.com/bid/64102
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89505
- http://osvdb.org/100607
- http://secunia.com/advisories/53936
- http://secunia.com/secunia_research/2013-12/
- http://www.securityfocus.com/bid/64102
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89505