Vulnerabilities > CVE-2007-1291 - Cross-Site Scripting vulnerability in Tyger BUG Tracking System 1.1.3

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
tyger
exploit available
NVD
Published: 2007-03-07
Updated: 2018-10-16

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Tyger Bug Tracking System (TygerBT) 1.1.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) Login.php and (2) Register.php.

Vulnerable Configurations

Part Description Count
Application
Tyger
1

Exploit-Db

  • descriptionTyger Bug Tracking System 1.1.3 Login.php PATH_INFO Parameter XSS. CVE-2007-1291. Webapps exploit for php platform
    idEDB-ID:29704
    last seen2016-02-03
    modified2007-02-26
    published2007-02-26
    reporterCorryL
    sourcehttps://www.exploit-db.com/download/29704/
    titleTyger Bug Tracking System 1.1.3 Login.php PATH_INFO Parameter XSS
  • descriptionTyger Bug Tracking System 1.1.3 Register.php PATH_INFO Parameter XSS. CVE-2007-1291. Webapps exploit for php platform
    idEDB-ID:29705
    last seen2016-02-03
    modified2007-02-26
    published2007-02-26
    reporterCorryL
    sourcehttps://www.exploit-db.com/download/29705/
    titleTyger Bug Tracking System 1.1.3 Register.php PATH_INFO Parameter XSS

References