CVE-2007-4540 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-4540
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4540

Description: Multiple SQL injection vulnerabilities in download.php in Olate Download (od) 3.4.2 allow remote attackers to execute arbitrary SQL commands via the (1) HTTP_REFERER or (2) HTTP_USER_AGENT HTTP header.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/36214 SREASON http://securityreason.com/securityalert/3062 OSVDB 38581 MISC http://myimei.com/security/2007-08-22/olate-download-342downloadphp-sql-injection.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/477340/100/0/threaded BID 25410

Return to the previous page.