QwikSec

Security Database

CVE

CWE

Training

CVE-2007-4454

Published: Aug 21, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Eval injection vulnerability in environment.php in Olate Download (od) 3.4.1 allows context-dependent attackers to execute arbitrary code via a crafted version string, as referenced by the (1) PDO::ATTR_SERVER_VERSION or (2) PDO::ATTR_CLIENT_VERSION attribute.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SREASON

http://myimei.com/security/2007-08-17/olate-download-341-environmentphpphp-code-execution.html

x_refsource_MISC

olate-environment-code-execution(36087)

vdb-entry

x_refsource_XF

http://sourceforge.net/project/shownotes.php?group_id=188052&release_id=533628

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

20070817 Olate Download 3.4.1~environment.php.php~Code Execution

mailing-list

x_refsource_BUGTRAQ

20070821 Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.