CVE-2019-20059

Name of the Vulnerable Software and Affected Versions MFScripts YetiShare versions 3.5.2 through 4.5.4

Description The issue allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, due to the direct insertion of values from the sSortDir 0 parameter into a SQL string in files such as payment manage.ajax.php and various * manage.ajax.php. This is a result of an incomplete fix for a previous issue.

Recommendations For versions 3.5.2 through 4.5.4, consider restricting access to the vulnerable * manage.ajax.php files, such as payment manage.ajax.php, until a proper fix is applied. As a temporary workaround, avoid using the sSortDir 0 parameter in the affected API endpoints to minimize the risk of exploitation.