CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-1161

Cross-site scripting (XSS) vulnerability in call_entry.php in Call Center Software 0,93 allows remote attackers to inject arbitrary web script or HTML via the problem_desc parameter, as demonstrated by the ONLOAD attribute of a BODY element.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/33037
http://securityreason.com/securityalert/2333
http://www.attrition.org/pipermail/vim/2007-February/001378.html
http://www.securityfocus.com/archive/1/460797/100/0/threaded
http://osvdb.org/33037
http://securityreason.com/securityalert/2333
http://www.attrition.org/pipermail/vim/2007-February/001378.html
http://www.securityfocus.com/archive/1/460797/100/0/threaded

Products affected by CVE-2007-1161

Call Center Software » Call Center Software » Version: 0.93

cpe:2.3:a:call_center_software:call_center_software:0.93

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1161

Products

Pricing

Contact Us