Vulnerabilities

CVE-2019-19735

by Fred · 30/12/2019

class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing.

Date published : 2019-12-30

https://github.com/jra89/CVE-2019-19735

https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459

Related

Tags: Cybersecurity Alert