VYPR
Vendor

Oliver Project

Products
5
CVEs
5
Across products
6
Status
Private

Products

5

Recent CVEs

5
  • CVE-2021-45027HigSep 1, 2022
    risk 0.49cvss 7.5epss 0.02

    An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

  • CVE-2014-2710MedApr 13, 2017
    risk 0.40cvss 6.1epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login page (index.php) or (2) login form (loginform-inc.php).

  • CVE-2007-3569Jul 5, 2007
    risk 0.03cvss epss 0.04

    Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6)…

  • CVE-2021-47755Jan 15, 2026
    risk 0.00cvss epss 0.01

    Oliver Library Server v5 contains a file download vulnerability that allows unauthenticated attackers to access arbitrary system files through unsanitized input in the FileServlet endpoint. Attackers can exploit the vulnerability by manipulating the 'fileName' parameter to…

  • CVE-2006-6043Nov 22, 2006
    risk 0.00cvss epss 0.01

    PHP file inclusion vulnerability in loginform-inc.php in Oliver (formerly Webshare) 1.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the conf[motdfile] parameter, which…