3 matches found
CVE-2019-19735
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes based only on microtime, which allows an attacker to guess the hash and set the password within a few hours by bruteforcing...
CVE-2019-19735
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes based only on microtime, which allows an attacker to guess the hash and set the password within a few hours by bruteforcing...
CVE-2019-19735
The CVE-2019-19735 issue affects Mellow Fish YetiShare (MFScripts YetiShare) versions 3.5.2–4.5.3, specifically in class.userpeer.php. The root cause is an insecure method for generating password reset hashes based solely on microtime, enabling an attacker to brute-force the hash and set a passwo...