Tyger Bug Tracking System Multiple Input Validation Vulnerabilities

Tyger Bug Tracking System Multiple Input Validation Vulnerabilities

To exploit the SQL-injection issue:

http://www.example.com/ViewBugs.php?s=[sql]&o=ASC

To exploit the cross-site scripting issue:

An attacker can exploit this issue by enticing an unsuspecting user into following a malicious URI.

http://www.example.com/Login.php/>">[XSS]

http://www.example.com/Register.php/>">[XSS]