2 matches found
CVE-2007-4454
CVE-2007-4454 affects Olate Download (od) 3.4.1 via an eval injection in environment.php. A crafted version string can cause code execution, using either PDO::ATTR_SERVER_VERSION or PDO::ATTR_CLIENT_VERSION. The available documents confirm the vulnerability and potential impact; no remediation de...
CVE-2007-4421
SQL injection vulnerability in Admin.php in Olate Download od 3.4.1 allows remote attackers to execute arbitrary SQL commands via an OD3AutoLogin cookie...