OlateDownload Multiple Input Validation Vulnerabilities

OlateDownload Multiple Input Validation Vulnerabilities

OlateDownload is prone to multiple input-validation vulnerabilities, including HTML-injection and SQL-injection issues, because the application fails to properly sanitize user-supplied input.

A successful exploit of these vulnerabilities could allow an attacker to inject hostile HTML and script code into vulnerable sections of the application, steal cookie-based authentication credentials from legitimate users of the site, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.

OlateDownload version 3.4.0 is vulnerable.