Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:5 a.m.7 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7AI score0.01089EPSS
Exploits2References1
OSV
OSV
added 2020/02/10 1:15 p.m.3 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7.2AI score0.00937EPSS
Exploits1References4
NVD
NVD
added 2020/02/10 1:15 p.m.16 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

8.8CVSS7.4AI score0.00937EPSS
Exploits1References4
CVE
CVE
added 2020/02/10 12:13 p.m.55 views

CVE-2019-20059

CVE-2019-20059 affects MFScripts YetiShare versions 3.5.2 through 4.5.4. The vulnerability arises because payment_manage.ajax.php and various *_manage.ajax.php directly insert values from the sSortDir_0 parameter into a SQL string, enabling SQL injection and potential data extraction. This issue ...

8.8CVSS7.3AI score0.00937EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/02/10 12:13 p.m.18 views

CVE-2019-20059

paymentmanage.ajax.php and various manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL...

7.7AI score0.00937EPSS
Exploits1References4
Rows per page
Query Builder