CVE-2007-4419

Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area.
Configurations

Configuration 1

cpe:2.3:a:olate:olatedownload:3.4.1:*:*:*:*:*:*:*

Information

Published : 2007-08-18 09:17

Updated : 2018-10-15 09:35


NVD link : CVE-2007-4419

Mitre link : CVE-2007-4419

Products Affected
No products.
CWE