SQL Injection Vulnerability in Sharetronix 3.4: Remote Code Execution via invite_users[] Parameter
CVE-2014-3415 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
SQL injection vulnerability in Sharetronix before 3.4 allows remote authenticated users to execute arbitrary SQL commands via the invite_users[] parameter to the /invite page for a group.
Learn more about our User Device Pen Test.