2 matches found
CVE-2007-3569
Multiple cross-site scripting XSS vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the 1 updateform and 2 displayform parameter to a gateway/gateway.exe; the 3 TERMS, 4 database, 5 srchad, 6 SuggestedSearch, and 7 searchform...
CVE-2007-3569
Affected product : Oliver Library Management System. Vulnerable vectors : XSS via the parameters (updateform, displayform) to gateway/gateway.exe and via (TERMS, database, srchad, SuggestedSearch, searchform) on the Basic Search page; and (8) username during login. Root cause : likely improper in...