CVE-2007-2581

Microsoft Windows SharePoint Services 3.0 - XSS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2581. PoCs published by Solarius.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server by injecting arbitrary JavaScript code via a malformed URL. The PoC triggers an alert dialog, proving the lack of input sanitization.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in "every main page," as demonstrated by default.aspx.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Solarius · textremotewindows
https://www.exploit-db.com/exploits/29951

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server by injecting arbitrary JavaScript code via a malformed URL. The PoC triggers an alert dialog, proving the lack of input sanitization.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Microsoft SharePoint Server (versions affected by CVE-2007-2581)
No auth needed
Prerequisites: Access to a vulnerable SharePoint Server instance · Ability to craft and deliver a malicious URL to a victim
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (14)

Core 14
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2286
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23832
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1018789
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2007-05/0196.html
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/482366/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37630
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34343
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/467738/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27148
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3439
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2682
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/467749/100/0/threaded
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-282A.html

Scores

EPSS 0.3623
EPSS Percentile 98.3%

Details

CWE
CWE-79
Status published
Products (3)
microsoft/sharepoint_server 2007
microsoft/sharepoint_services 3.0
microsoft/windows_2003
Published May 09, 2007
Tracked Since Feb 18, 2026