Lucene search
+L

4 matches found

CNVD
CNVD
added 2019/12/31 12:0 a.m.3 views

Mellow Fish YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the HttpOnly flag on session cookies. An attacker can exploit the vulnerability ...

6.1CVSS6.8AI score0.00608EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/31 12:0 a.m.5 views

MFScripts YetiShare Cross-Site Scripting Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A cross-site scripting vulnerability exists in the getallfileserverpaths.ajax.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. The vulnerability stems from a lack of proper validation of...

6.1CVSS6.4AI score0.0071EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/31 12:0 a.m.2 views

Mellow Fish YetiShare Cross-Site Request Forgery Vulnerability

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in Mellow Fish YetiShare versions 3.5.2 through 4.5.3, which stems from the program not setting the SameSite flag on session cookies. An attacker can exploit this vulnerability...

8.8CVSS6.8AI score0.00452EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/31 12:0 a.m.5 views

Unspecified Vulnerability in Mellow Fish YetiShare

Mellow Fish YetiShare is a PHP-based file hosting web system script from Mellow Fish UK. A security vulnerability exists in the accountforgotpassword.ajax.php file in Mellow Fish YetiShare versions 3.5.2 through 4.5.3. An attacker can exploit the vulnerability to enumerate user accounts by guessi...

5.3CVSS6.8AI score0.00993EPSS
Exploits0References1
Rows per page
Query Builder