Описание
Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area.
Ссылки
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:olate:olatedownload:3.4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.09079
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area.
EPSS
Процентиль: 92%
0.09079
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-287