PT-2019-15934 · Yetishare · Yetishare

Published

2019-12-30

Updated

2020-01-07

CVE-2019-19734

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions YetiShare version 3.5.2

Description The issue allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database. This is due to the direct insertion of values from the fileIds parameter into a SQL string in the account move file in folder.ajax.php file.

Recommendations For YetiShare version 3.5.2, consider restricting access to the account move file in folder.ajax.php file until a patch is available. As a temporary workaround, avoid using the fileIds parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2019-19734

Affected Products

Yetishare

PT-2019-15934 · Yetishare · Yetishare

CVE-2019-19734

Weakness Enumeration

Related Identifiers

Affected Products

References · 4