lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 3 Mar 2007 17:29:50 -0000 From: corrado.liotta@...ce.it To: bugtraq@...urityfocus.com Subject: Tyger Bug Tracking System Multiple Vulnerability -=[--------------------ADVISORY-------------------]=- Tyger Bug Tracking System Author: CorryL [corryl80@...il.com] -=[-----------------------------------------------]=- -=[+] Application: Tyger Bug Tracking System -=[+] Version: 1.1.3 -=[+] Vendor's URL: http://uk.homeunix.org/tyger/cms/ -=[+] Platform: Windows\Linux\Unix -=[+] Bug type: Cross-Site Script\Sql injection -=[+] Exploitation: Remote -=[-] -=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~ -=[+] Reference: www.xoned.net -=[+] Virtual Office: http://www.kasamba.com/CorryL -=[+] Irc Chan: irc.darksin.net #x0n3-h4ck ..::[ Descriprion ]::.. Tyger Bug tracking software has been designed and developed or individuals or groups of software developers to manage software development better. By using Tyger teams of developers are able to communicate far better with each fellow developers or end user's which ultimately improves the quality of your software project or product. ..::[ Proof Of Concept ]::.. [Sql injection] http://remote_server/ViewBugs.php?s=[sql]&o=ASC [Xss] http://remote_server/Login.php/>">[XSS] http://remote_server/Register.php/>">[XSS]