Sharetronix Multiple Input Validation Vulnerabilities
Sharetronix is prone to the following input-validation vulnerabilities:
1. Multiple PHP code-injection vulnerabilities
2. An arbitrary file-upload vulnerability
3. Multiple SQL-injection vulnerabilities
4. A cross-site request-forgery vulnerability
5. An authentication-bypass vulnerability
Attackers can exploit these issues to bypass authentication mechanism, upload arbitrary files, execute arbitrary PHP code, compromise the application, access or modify data, exploit vulnerabilities in the underlying database, or to perform unauthorized actions by enticing a logged-in user to visit a malicious site.
Sharetronix 3.1.1 is vulnerable; other versions may also be affected.