CVE-2007-3569
published 2007-07-05CVE-2007-3569: Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the…
PriorityP421medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
4.39%
90.1th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) "Basic Search page"; and (8) username parameter when (c) logging on.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/055355.htmlhttp://osvdb.org/37059http://osvdb.org/37060http://osvdb.org/37061http://secunia.com/advisories/25930http://securityreason.com/securityalert/2868http://www.securityfocus.com/archive/1/472738/100/0/threadedhttp://www.securityfocus.com/bid/24754http://www.vupen.com/english/advisories/2007/2432https://exchange.xforce.ibmcloud.com/vulnerabilities/35251http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/055355.htmlhttp://osvdb.org/37059http://osvdb.org/37060http://osvdb.org/37061http://secunia.com/advisories/25930http://securityreason.com/securityalert/2868http://www.securityfocus.com/archive/1/472738/100/0/threadedhttp://www.securityfocus.com/bid/24754http://www.vupen.com/english/advisories/2007/2432https://exchange.xforce.ibmcloud.com/vulnerabilities/35251
2007-07-05
Published