CVE CVE-2019-19735 Mappings

class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing.


Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-19735 n/a uncategorized T1110 Brute Force