Vulnerabilities > CVE-2007-3569 - Unspecified vulnerability in Softlink Europe Oliver Library Management System
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN softlink-europe
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) "Basic Search page"; and (8) username parameter when (c) logging on.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Oliver Multiple Cross-Site Scripting Vulnerabilities. CVE-2007-3569. Webapps exploit for cgi platform |
| id | EDB-ID:30263 |
| last seen | 2016-02-03 |
| modified | 2007-07-03 |
| published | 2007-07-03 |
| reporter | A. R. |
| source | https://www.exploit-db.com/download/30263/ |
| title | Oliver Multiple Cross-Site Scripting Vulnerabilities |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/055355.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/055355.html
- http://osvdb.org/37059
- http://osvdb.org/37059
- http://osvdb.org/37060
- http://osvdb.org/37060
- http://osvdb.org/37061
- http://osvdb.org/37061
- http://secunia.com/advisories/25930
- http://secunia.com/advisories/25930
- http://securityreason.com/securityalert/2868
- http://securityreason.com/securityalert/2868
- http://www.securityfocus.com/archive/1/472738/100/0/threaded
- http://www.securityfocus.com/archive/1/472738/100/0/threaded
- http://www.securityfocus.com/bid/24754
- http://www.securityfocus.com/bid/24754
- http://www.vupen.com/english/advisories/2007/2432
- http://www.vupen.com/english/advisories/2007/2432
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35251
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35251