<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7651.51">
<TITLE>Tyger Bug Tracking System Multiple Vulnerability</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>-=[--------------------ADVISORY-------------------]=-<BR>
<BR>
Tyger Bug Tracking System <BR>
<BR>
Author: CorryL [corryl80@gmail.com] <BR>
-=[-----------------------------------------------]=-<BR>
<BR>
<BR>
-=[+] Application: Tyger Bug Tracking System<BR>
-=[+] Version: 1.1.3<BR>
-=[+] Vendor's URL: <A HREF="http://uk.homeunix.org/tyger/cms/">http://uk.homeunix.org/tyger/cms/</A><BR>
-=[+] Platform: Windows\Linux\Unix<BR>
-=[+] Bug type: Cross-Site Script\Sql injection<BR>
-=[+] Exploitation: Remote<BR>
-=[-]<BR>
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~<BR>
-=[+] Reference: www.xoned.net<BR>
-=[+] Virtual Office: <A HREF="http://www.kasamba.com/CorryL">http://www.kasamba.com/CorryL</A><BR>
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck <BR>
<BR>
<BR>
..::[ Descriprion ]::..<BR>
<BR>
Tyger Bug tracking software has been designed and<BR>
developed or individuals or groups of software developers<BR>
to manage software development better.<BR>
By using Tyger teams of developers are able to communicate far better<BR>
with each fellow developers or end user's which ultimately improves the quality of<BR>
your software project or product.<BR>
<BR>
<BR>
<BR>
<BR>
..::[ Proof Of Concept ]::..<BR>
<BR>
[Sql injection]<BR>
<BR>
<A HREF="http://remote_server/ViewBugs.php?s=">http://remote_server/ViewBugs.php?s=</A>[sql]&o=ASC<BR>
<BR>
<BR>
[Xss]<BR>
<BR>
<A HREF="http://remote_server/Login.php/">http://remote_server/Login.php/</A>>">[XSS]<BR>
<BR>
<A HREF="http://remote_server/Register.php/">http://remote_server/Register.php/</A>>">[XSS]<BR>
<BR>
<BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>