Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 10:9 a.m.5 views

CVE-2019-19732

translationmanagetext.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.3 directly insert values from the aSortDir0 and/or sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from th...

7.2CVSS6.8AI score0.01089EPSS
Exploits1References1
OSV
OSVadded 2020/02/10 1:15 p.m.3 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7.2AI score0.00937EPSS
Exploits1References4
Prion
Prionadded 2020/02/10 1:15 p.m.16 views

Sql injection

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

6.8CVSS7.3AI score0.01089EPSS
Exploits2References4Affected Software1
NVD
NVDadded 2019/12/30 5:15 p.m.12 views

CVE-2019-19732

translationmanagetext.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.3 directly insert values from the aSortDir0 and/or sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from th...

7.2CVSS7.8AI score0.01089EPSS
Exploits1References2
CVE
CVEadded 2019/12/30 4:59 p.m.57 views

CVE-2019-19732

The CVE-2019-19732 entry affects MFScripts YetiShare versions 3.5.2 through 4.5.3 (and related revisions noted in connected records). The underlying issue is direct insertion of values from the aSortDir_0 and/or sSortDir_0 parameters into a SQL string in translation_manage_text.ajax.php and multi...

7.2CVSS7.3AI score0.01089EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder