Vulnerabilities > Call Center Software

DATE CVE VULNERABILITY TITLE RISK
2007-03-07 CVE-2006-7145 Input Validation and Information Disclosure vulnerability in Call-Center-Software
edit_user.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified user_id parameter.
network
low complexity
call-center-software
5.5
2007-03-07 CVE-2006-7144 SQL-Injection vulnerability in Call-Center-Software
SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page.
network
low complexity
call-center-software
7.5
2007-03-07 CVE-2006-7143 Cross-Site Scripting vulnerability in Call-Center-Software
Cross-site scripting (XSS) vulnerability in Call Center Software 0.93 and earlier allows remote attackers to inject arbitrary web script or HTML via the problem description field.
5.8
2007-03-02 CVE-2007-1161 Cross-Site Scripting vulnerability in Call Center Software Call Center Software 0.93
Cross-site scripting (XSS) vulnerability in call_entry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problem_desc parameter, as demonstrated by the ONLOAD attribute of a BODY element.
4.3