CVEs-PoC/2019/CVE-2019-19735.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 22:53:11 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

996 B

Raw Permalink Blame History

CVE-2019-19735

Description

class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing.

POC

Reference

https://medium.com/%40jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459
https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459

Github

https://github.com/0xT11/CVE-POC
https://github.com/developer3000S/PoC-in-GitHub
https://github.com/hectorgie/PoC-in-GitHub
https://github.com/jra89/CVE-2019-19735

996 B Raw Permalink Blame History

CVE-2019-19735

Description

POC

Reference

Github

996 B

Raw Permalink Blame History