19 matches found
EUVD-2006-7126
Malware in sbrugna...
EUVD-2006-7127
Malware in sbrugna...
EUVD-2007-1158
Malware in sbrugna...
EUVD-2006-7125
Malware in sbrugna...
The vulnerability in the VERM_AJAX_functions.php script of the software for managing call centers allows a violator to execute arbitrary code.
The vulnerability of the VERMAJAXfunctions.php software for the Vicidial call processing center is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
CVE-2006-7145
edituser.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified userid parameter...
CVE-2006-7143
Cross-site scripting XSS vulnerability in Call Center Software 0.93 and earlier allows remote attackers to inject arbitrary web script or HTML via the problem description field...
CVE-2006-7143
Cross-site scripting XSS vulnerability in Call Center Software 0.93 and earlier allows remote attackers to inject arbitrary web script or HTML via the problem description field...
CVE-2006-7145
edituser.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified userid parameter...
CVE-2006-7144
CVE-2006-7144 affects Call Center Software version 0.93 and earlier. The vulnerability is an SQL injection in the login page where the username is used in the authentication query, enabling remote attackers to execute arbitrary SQL commands and bypass authentication. Root cause appears to be impr...
CVE-2006-7145
CVE-2006-7145 concerns Call Center Software (0.93 and earlier). The vulnerability allows remote attackers to disclose sensitive data (e.g., account passwords) by sending a modified user_id parameter in edit_user.php, leading to partial confidentiality impact and partial integrity impact. The NVD ...
CVE-2006-7144
SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page...
CVE-2006-7143
The CVE-2006-7143 entry describes a Cross-site Scripting (XSS) vulnerability in Call Center Software versions 0.93 and earlier, exploitable via the problem description field to inject arbitrary script/HTML. The provided sources confirm the affected software and the vulnerability class but do not ...
CVE-2007-1161
Cross-site scripting XSS vulnerability in callentry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problemdesc parameter, as demonstrated by the ONLOAD attribute of a BODY element...
Cross site scripting
Cross-site scripting XSS vulnerability in callentry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problemdesc parameter, as demonstrated by the ONLOAD attribute of a BODY element...
CVE-2007-1161
Cross-site scripting XSS vulnerability in callentry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problemdesc parameter, as demonstrated by the ONLOAD attribute of a BODY element...
CVE-2007-1161
CVE-2007-1161 is a documented cross-site scripting (XSS) vulnerability in Call Center Software 0,93, exposed via call_entry.php where the problem_desc parameter can be exploited to inject HTML/JS (e.g., ONLOAD on BODY). The issue is triggered by improper handling of user-supplied data, enabling r...
[Full-disclosure] Call Center Software - Remote Xss Post Exploit -
-=--------------------ADVISORY-------------------=- Call center 0,93 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Call senter -=+ Version: 0,93 -=+ Vendor's URL: http://www.call-center-software.org/ -=+ Platform: WindowsLinuxUnix -=+ Bug...
[Full-disclosure] MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MHL-2006-002 - Public Advisory +-----------------------------------------------------------+ | Call-Center-Software Multiple Security Issues | +-----------------------------------------------------------+ PUBLISHED ON October 11th, 2006 PUBLISHED AT...