Description
Vanilla (Vanilla Forums) before 2.6.1 allows SQL injection via the invitationID parameter of /profile/deleteInvitation when it is supplied as an array: array elements reach the invitation-deletion query without the validation applied to a single scalar ID. The affected code is in applications/dashboard/models/class.invitationmodel.php (the query) and applications/dashboard/controllers/class.profilecontroller.php (the request handler).
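The bug class described above, as an added illustration that is not Vanilla's code: a request parameter arrives as an array, each element is concatenated into an IN (...) list, and one crafted element rewrites the WHERE clause so the delete is no longer limited to the caller's own rows. Python with sqlite3 stands in for the PHP model here; the table, column names and sample rows are constructed stand-ins for the invitation model, not Vanilla's schema.

```python
"""Added example (not from Vanilla): array-valued ID parameter turned into an
IN (...) clause by concatenation, beside the hardened form. Table and column
names are hypothetical; the rows are constructed sample data."""
import sqlite3
from typing import Any, Iterable, List


def make_db() -> sqlite3.Connection:
    """Constructed sample data: invitations owned by user 7 and user 9."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE invitation (id INTEGER PRIMARY KEY, owner_id INTEGER, email TEXT)"
    )
    con.executemany(
        "INSERT INTO invitation VALUES (?, ?, ?)",
        [
            (1, 7, "a@example.com"),
            (2, 7, "b@example.com"),
            (3, 9, "c@example.com"),
            (4, 9, "d@example.com"),
        ],
    )
    con.commit()
    return con


def delete_invitations_vulnerable(con: sqlite3.Connection, owner_id: int,
                                  invitation_ids: Iterable[Any]) -> int:
    """Bug pattern: every array element is stringified into the IN list.
    A scalar ID would have been cast to int; an array bypasses that, so an
    element such as '1) OR 1=1 --' changes the meaning of the whole WHERE.
    Returns the number of rows deleted."""
    id_list = ", ".join(str(v) for v in invitation_ids)
    sql = (f"DELETE FROM invitation WHERE owner_id = {owner_id} "
           f"AND id IN ({id_list})")
    cur = con.execute(sql)
    con.commit()
    return cur.rowcount


def _as_int_ids(values: Iterable[Any]) -> List[int]:
    """Validate each element as a non-negative integer before it goes
    anywhere near SQL; anything else is rejected, not escaped."""
    ids = []
    for v in values:
        if isinstance(v, bool):
            raise ValueError(f"invalid invitationID: {v!r}")
        if isinstance(v, int) or (isinstance(v, str) and v.isdigit()):
            ids.append(int(v))
        else:
            raise ValueError(f"invalid invitationID: {v!r}")
    return ids


def delete_invitations_hardened(con: sqlite3.Connection, owner_id: int,
                                invitation_ids: Iterable[Any]) -> int:
    """Hardened form: validate every element, then bind each one through a
    placeholder so the IN list can never carry SQL syntax. The owner_id
    predicate keeps the delete scoped to the caller's own invitations."""
    ids = _as_int_ids(invitation_ids)
    if not ids:
        return 0
    placeholders = ", ".join("?" * len(ids))
    sql = f"DELETE FROM invitation WHERE owner_id = ? AND id IN ({placeholders})"
    cur = con.execute(sql, [owner_id, *ids])
    con.commit()
    return cur.rowcount


def hardened_rejects(con: sqlite3.Connection, owner_id: int,
                     invitation_ids: Iterable[Any]) -> bool:
    """True if the hardened handler refuses the input without touching data."""
    try:
        delete_invitations_hardened(con, owner_id, invitation_ids)
    except ValueError:
        return True
    return False


def remaining_ids(con: sqlite3.Connection) -> List[int]:
    return [row[0] for row in con.execute("SELECT id FROM invitation ORDER BY id")]


if __name__ == "__main__":
    payload = ["1) OR 1=1 --"]      # one crafted array element
    con = make_db()
    print("vulnerable deleted", delete_invitations_vulnerable(con, 7, payload),
          "rows; remaining", remaining_ids(con))
    con = make_db()
    print("hardened rejected payload:", hardened_rejects(con, 7, payload),
          "; remaining", remaining_ids(con))
```

With the crafted element the vulnerable query becomes `... WHERE owner_id = 7 AND id IN (1) OR 1=1 --)`, so the trailing `)` is commented out and every row is deleted regardless of owner. The hardened handler fails closed on the same input and, for valid IDs, still only removes rows that belong to the requesting user.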
Remediation
Upgrade to Vanilla 2.6.1 or later, the first release not affected by this issue.
References
Related Vulnerabilities
WordPress Plugin Ecwid Ecommerce Shopping Cart Cross-Site Request Forgery (6.10.23)
WordPress Plugin GD Star Rating 'export.php' Security Bypass (1.9.18)
WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)