CVE-2013-5356

Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict access to unspecified AJAX functionality, which allows remote attackers to bypass authentication via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
sharetronixsharetronix
𝑥
≤ 3.1.1
sharetronixsharetronix
3.1.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/100607
http://secunia.com/advisories/53936
http://secunia.com/secunia_research/2013-12/
http://www.securityfocus.com/bid/64102
https://exchange.xforce.ibmcloud.com/vulnerabilities/89505
http://osvdb.org/100607
http://secunia.com/advisories/53936
http://secunia.com/secunia_research/2013-12/
http://www.securityfocus.com/bid/64102
https://exchange.xforce.ibmcloud.com/vulnerabilities/89505