AOH :: HP Unsorted T :: C07-2523.HTM

Tyger Bug Tracking System Multiple Vulnerability



Tyger Bug Tracking System Multiple Vulnerability
Tyger Bug Tracking System Multiple Vulnerability



-=[--------------------ADVISORY-------------------]=-
                                              
            Tyger Bug Tracking System     
                                               
Author: CorryL [corryl80@gmail.com] 
-=[-----------------------------------------------]=-


-=[+] Application:    Tyger Bug Tracking System
-=[+] Version:        1.1.3
-=[+] Vendor's URL: http://uk.homeunix.org/tyger/cms/ 
-=[+] Platform:       Windows\Linux\Unix
-=[+] Bug type:       Cross-Site Script\Sql injection
-=[+] Exploitation:   Remote
-=[-]
-=[+] Author:           CorryL  ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: www.xoned.net 
-=[+] Virtual Office: http://www.kasamba.com/CorryL 
-=[+] Irc Chan:         irc.darksin.net #x0n3-h4ck        


..::[ Descriprion ]::..

Tyger Bug tracking software has been designed and 
developed or individuals or groups of software developers 
to manage software development better. 
By using Tyger teams of developers are able to communicate far better 
with each fellow developers or end user's which ultimately improves the quality of 
your software project or product.




..::[ Proof Of Concept ]::..

[Sql injection]

http://remote_server/ViewBugs.php?s=[sql]&o=ASC 


[Xss]

[XSS">http://remote_server/Login.php/>">[XSS] 

[XSS">http://remote_server/Register.php/>">[XSS] 




The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.