CVE-2007-4419

CVE-2007-4419 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area.

Learn more about our User Device Pen Test.