-=[--------------------ADVISORY-------------------]=-
                                              
                       Call center 0,93
                                               
Author: CorryL [corryl80@gmail.com] 
-=[-----------------------------------------------]=-


-=[+] Application:    Call senter
-=[+] Version:        0,93
-=[+] Vendor's URL: http://www.call-center-software.org/ 
-=[+] Platform:       Windows\Linux\Unix
-=[+] Bug type:       Cross-Site Script
-=[+] Exploitation:   Remote
-=[-]
-=[+] Author:           CorryL  ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: www.xoned.net 
-=[+] Virtual Office: http://www.kasamba.com/CorryL 
-=[+] Irc Chan:         irc.darksin.net #x0n3-h4ck        


..::[ Descriprion ]::..

Call center software is one of the most important aspects of any call help center, 
being able to track and manage calls can be the key to high customer safisfacation. 
Our 100% free call center software solution is based on php and the mysql database.


..::[ Bug ]::..

An attacker exploiting this vulnerability is able steal the content
the cookies of the consumer admin in fact the bug situated is on an request post
then he remains memorized inside the database in attends him that the admin
goes to read the content of the call

..::[Exploit]::..









=09

	

		

action="http://remote_server/path/call_entry.php"> 
			

				

					
Adding Call
				
				

					

						

													

								
Name: 

							
							

								
Phone: 

							
							

								
Department: 
								

									
																																                                                                Problem
																
								
							
							

								
Issue Type: 
								

									
																	email
																	keyboard
																	monitor
																	mouse
																	network
																	password
																	word processing
																
								
							
							

								
Xss Script Here :