payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 up to and including 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an malicious user to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mfscripts yetishare |