Vulnerability Details CVE-2019-20059
payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- https://github.com/jra89/CVE-2019-20059
- https://medium.com/%40jra8908/yetishare-3-5-2-4-5-4-multiple-vulnerabilities-927d17b71ad
- https://mfscripts.com/
- https://yetishare.com/
- https://github.com/jra89/CVE-2019-20059
- https://medium.com/%40jra8908/yetishare-3-5-2-4-5-4-multiple-vulnerabilities-927d17b71ad
- https://mfscripts.com/
- https://yetishare.com/
Products affected by CVE-2019-20059
-
cpe:2.3:a:mfscripts:yetishare:3.11
-
cpe:2.3:a:mfscripts:yetishare:3.5.2
-
cpe:2.3:a:mfscripts:yetishare:3.5.3
-
cpe:2.3:a:mfscripts:yetishare:4.0
-
cpe:2.3:a:mfscripts:yetishare:4.0.1
-
cpe:2.3:a:mfscripts:yetishare:4.1
-
cpe:2.3:a:mfscripts:yetishare:4.1.1
-
cpe:2.3:a:mfscripts:yetishare:4.2
-
cpe:2.3:a:mfscripts:yetishare:4.3
-
cpe:2.3:a:mfscripts:yetishare:4.4
-
cpe:2.3:a:mfscripts:yetishare:4.4.1
-
cpe:2.3:a:mfscripts:yetishare:4.5
-
cpe:2.3:a:mfscripts:yetishare:4.5.1
-
cpe:2.3:a:mfscripts:yetishare:4.5.2
-
cpe:2.3:a:mfscripts:yetishare:4.5.3
-
cpe:2.3:a:mfscripts:yetishare:4.5.4