Computer Security

Security Advisory: Olate Download 3.4.1~environment.php.php~Code Execution
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  vBulletin V3.6.8 XSS Password Md5 Hash

  Vulnerability in theme Sirius 1.0 for WordPress

From:imei <addmimistrator_(at)_gmail.com>
Date:18.08.2007
Subject:Olate Download 3.4.1~environment.php.php~Code Execution

VISITE ORIGINAL ADVISORY FOR MORE DETAILES
http://myimei.com/security/2007-08-17/olate-download-341-environmentphpphp-code-e
xecution.html
VISITE ORIGINAL ADVISORY FOR MORE DETAILES

——————-Summary—————-
Software: Olate Download
Sowtware's Web Site: http://www.olate.co.uk/
Versions: 3.4.1
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Available
Discovered by: imei Addmimistrator
Risk Level: High
—————–Description—————
Olate is prone to code execution vulnerability cause of trusting to
user supplied inputs in environment.php file, that is a very unusable
file in software.

VISITE ORIGINAL ADVISORY FOR MORE DETAILES
http://myimei.com/security/2007-08-17/olate-download-341-environmentphpphp-code-e
xecution.html
VISITE ORIGINAL ADVISORY FOR MORE DETAILES


--
imei Addmimistrator
Visit my SeQrity Homepage at:
http://myimei.com/security
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server