Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2026/01/09 10:5 a.m.8 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7AI score0.01089EPSS
Exploits2References1
nvd
nvd
added 2020/02/10 1:15 p.m.18 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7.4AI score0.00937EPSS
Exploits1References4
osv
osv
added 2020/02/10 1:15 p.m.4 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7.2AI score0.00937EPSS
Exploits1References4
cvelist
cvelist
added 2020/02/10 12:13 p.m.18 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

7.7AI score0.00937EPSS
Exploits1References4
cve
cve
added 2020/02/10 12:13 p.m.56 views

CVE-2019-20059

CVE-2019-20059 affects MFScripts YetiShare versions 3.5.2 through 4.5.4. The vulnerability arises because payment_manage.ajax.php and various *_manage.ajax.php directly insert values from the sSortDir_0 parameter into a SQL string, enabling SQL injection and potential data extraction. This issue ...

8.8CVSS7.3AI score0.00937EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder