CVE-2010-4792

OPEN IT OverLook 5.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in title.php in OPEN IT OverLook 5.0 allows remote attackers to inject arbitrary web script or HTML via the frame parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Anatolia Security · htmlwebappsphp

https://www.exploit-db.com/exploits/34826

View Code ZIP pw:eip

References (6)

[Various Sources] http://anatoliasecurity.com/adv/as-adv-2010-002.txt

[Exploit] http://packetstormsecurity.org/1010-exploits/overlook-xss.txt

[Vendor Advisory] http://secunia.com/advisories/41771

[Exploit] http://www.securityfocus.com/bid/43872

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/62361

[Third Party Advisory] http://securityreason.com/securityalert/8220

Scores

EPSS 0.0409

EPSS Percentile 88.4%

Classification

CWE

CWE-79

Status published

Affected Products (2)

openit/overlook

n/a/n/a

Timeline

Published Apr 27, 2011

Tracked Since Feb 18, 2026