CVE-2007-4421 | Vulnerability Database | Aqua Security

SQL injection vulnerability in Admin.php in Olate Download (od) 3.4.1 allows remote attackers to execute arbitrary SQL commands via an OD3_AutoLogin cookie.

Affected Software

Name	Vendor	Start Version	End Version
Olatedownload	Olate	3.4.1 (including)	3.4.1 (including)

References

http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html
http://osvdb.org/39712
http://secunia.com/advisories/26533
http://securityreason.com/securityalert/3028
http://sourceforge.net/forum/forum.php?forum_id=727807
http://sourceforge.net/project/shownotes.php?group_id=188052\u0026release_id=533628
http://sourceforge.net/project/shownotes.php?release_id=533628\u0026group_id=188052
http://www.securityfocus.com/archive/1/476760/100/0/threaded
http://www.securityfocus.com/archive/1/477223/100/0/threaded
http://www.securityfocus.com/bid/25384
https://exchange.xforce.ibmcloud.com/vulnerabilities/36089
http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html
http://osvdb.org/39712
http://secunia.com/advisories/26533
http://securityreason.com/securityalert/3028
http://sourceforge.net/forum/forum.php?forum_id=727807
http://sourceforge.net/project/shownotes.php?group_id=188052\u0026release_id=533628
http://sourceforge.net/project/shownotes.php?release_id=533628\u0026group_id=188052
http://www.securityfocus.com/archive/1/476760/100/0/threaded
http://www.securityfocus.com/archive/1/477223/100/0/threaded
http://www.securityfocus.com/bid/25384
https://exchange.xforce.ibmcloud.com/vulnerabilities/36089

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4421
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html