257549 FIX - Viral DX 1 PHP Script

En curso Publicado Oct 10, 2008 Pagado a la entrega
En curso Pagado a la entrega

Hi,

I have Viral DX 1 Script from:

[url removed, login to view]

Script Live Demo: [url removed, login to view]

I wish to use this script to help members of my Social Networking Group promote and grow their personal profiles using the ViralDX script.

Problem:

I noticed there are a few problems with this script that need fixing... in particular an SQL Inject Vulnerbility as reported at:

===================================================================

[url removed, login to view]

Viral DX 1 is PHP-based marketing software.

The application is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data to the 'bannerid' parameter of the '[url removed, login to view]' script.

An attacker can exploit this issue to execute arbitrary SQL queries and potentially gain administrative access to the vulnerable application.

Viral DX 1 2.07 is vulnerable; other versions may also be affected.

Here is the exploit query string.. it returns u/n & admin password:

Exploit:

[url removed, login to view](0x3a,login,pass)+from+pass--

===================================================================

Fixes & mods needed...

1. I need this and any other Exploits Fixed 100%

2. I also need the Script to Only allow Users/members to Register their Websites from a certain domain. ie a Social Networking Site of my choice. Any other Sites should not be allowed.

IE Form Validation on signup or whatever...

User example 1: [url removed, login to view]

User example 2: [url removed, login to view]

..so only members of a social networking site "[url removed, login to view]" can register and use my site/script.

Terms:

I am prepared to offer upto $50 for this and not any more.

Lowest bid does not necessarly win.

Payment will be lodged in escrow account.

Professional well spoken English language experts only.

Much more work available for successful programmer.

On this project I would prefer somoneone who has had alot of previous experience with these sort of scripts, and can offer thier EXTRA VALUED Opinions & Expertise.

I WILL need to See 100% Safe Installation on your Test server and Immediate Released Payment will follow.

Regards.

JD

JavaScript MySQL Odd Jobs PHP Instalación de scripts Seguridad web

Nº del proyecto: #2003818

Sobre el proyecto

Proyecto remoto Activo Jul 11, 2012