Tyger bug tracking system version 1.1.3 suffers from SQL injection and cross site scripting vulnerabilities.
0a6b81b6f0f669ee5e6eebdb06a55621e97da19d9ed0ef0bd07b8fa5c834cf26-=[--------------------ADVISORY-------------------]=-
Tyger Bug Tracking System
Author: CorryL [corryl80@gmail.com]
-=[-----------------------------------------------]=-
-=[+] Application: Tyger Bug Tracking System
-=[+] Version: 1.1.3
-=[+] Vendor's URL: http://uk.homeunix.org/tyger/cms/
-=[+] Platform: Windows\Linux\Unix
-=[+] Bug type: Cross-Site Script\Sql injection
-=[+] Exploitation: Remote
-=[-]
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: www.xoned.net
-=[+] Virtual Office: http://www.kasamba.com/CorryL
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck
..::[ Descriprion ]::..
Tyger Bug tracking software has been designed and
developed or individuals or groups of software developers
to manage software development better.
By using Tyger teams of developers are able to communicate far better
with each fellow developers or end user's which ultimately improves the quality of
your software project or product.
..::[ Proof Of Concept ]::..
[Sql injection]
http://remote_server/ViewBugs.php?s=[sql]&o=ASC
[Xss]
http://remote_server/Login.php/>">[XSS]
http://remote_server/Register.php/>">[XSS]
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed