Back to search
CVE-2007-3569
Published: Jul 5, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) "Basic Search page"; and (8) username parameter when (c) logging on.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
25930
third-party-advisory
x_refsource_SECUNIA
20070703 Cross Site Scripting in Oliver Library Management System
mailing-list
x_refsource_BUGTRAQ
37061
vdb-entry
x_refsource_OSVDB
ADV-2007-2432
vdb-entry
x_refsource_VUPEN
37059
vdb-entry
x_refsource_OSVDB
2868
third-party-advisory
x_refsource_SREASON
oliver-search-login-xss(35251)
vdb-entry
x_refsource_XF
20070703 Cross Site Scripting in Oliver Library Management System
mailing-list
x_refsource_FULLDISC
37060
vdb-entry
x_refsource_OSVDB
24754
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now