Vulnerability Details : CVE-2007-4421
SQL injection vulnerability in Admin.php in Olate Download (od) 3.4.1 allows remote attackers to execute arbitrary SQL commands via an OD3_AutoLogin cookie.
Vulnerability category: Sql Injection
Products affected by CVE-2007-4421
- cpe:2.3:a:olate:olatedownload:3.4.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-4421
1.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-4421
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-4421
-
http://www.securityfocus.com/archive/1/476760/100/0/threaded
-
http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html
-
http://www.securityfocus.com/bid/25384
-
http://securityreason.com/securityalert/3028
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/36089
-
http://sourceforge.net/project/shownotes.php?group_id=188052&release_id=533628
-
http://sourceforge.net/forum/forum.php?forum_id=727807
-
http://sourceforge.net/project/shownotes.php?release_id=533628&group_id=188052
-
http://www.securityfocus.com/archive/1/477223/100/0/threaded
Jump to