Hi,
I have Viral DX 1 Script from:
[login to view URL]
Script Live Demo: [login to view URL]
I wish to use this script to help members of my Social Networking Group promote and grow their personal profiles using the ViralDX script.
Problem:
I noticed there are a few problems with this script that need fixing... in particular an SQL Injection Vulnerability as reported at:
===================================================================
[login to view URL]
Viral DX 1 is PHP-based marketing software.
The application is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data to the 'bannerid' parameter of the '[login to view URL]' script.
An attacker can exploit this issue to execute arbitrary SQL queries and potentially gain administrative access to the vulnerable application.
Viral DX 1 2.07 is vulnerable; other versions may also be affected.
Here is the exploit query string.. it returns u/n & admin password:
Exploit:
[login to view URL](0x3a,login,pass)+from+pass--
===================================================================
Fixes & mods needed...
1. I need this and any other Exploits Fixed 100%
2. I also need the Script to Only allow Users/members to Register their Websites from a certain domain, i.e. a Social Networking Site of my choice. Any other Sites should not be allowed.
I.e. Form Validation on signup or whatever...
User example 1: [login to view URL]
User example 2: [login to view URL]
..so only members of a social networking site "[login to view URL]" can register and use my site/script.
Terms:
I am prepared to offer up to $50 for this and not any more.
Lowest bid does not necessarily win.
Payment will be lodged in escrow account.
Professional well spoken English language experts only.
Much more work available for successful programmer.
On this project I would prefer someone who has had a lot of previous experience with these sort of scripts, and can offer their EXTRA VALUED Opinions & Expertise.
I WILL need to See 100% Safe Installation on your Test server and Immediate Released Payment will follow.
Regards.
JD
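
Added example, not part of the original post and not Viral DX's own code: one way the two requested fixes could look in PHP, with the 'bannerid' value validated as an integer and passed as a bound parameter, and sign-up URLs checked against a single allowed host. The `banners` table, its columns, the function names and the host `social.example` are assumptions, since the post shows none of the script's queries or the real domain.

```php
<?php
declare(strict_types=1);

// Hypothetical schema and names: the post does not show Viral DX's own queries.
function fetchBanner(PDO $db, $rawId): ?array
{
    // bannerid must be a positive integer; anything else is rejected outright.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // Bound parameter: the value is never concatenated into the SQL text.
    $stmt = $db->prepare('SELECT id, url FROM banners WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Sign-up check: accept only http(s) URLs on the allowed host or its subdomains.
function isAllowedProfileUrl(string $url, string $allowedHost): bool
{
    $parts = parse_url(trim($url));
    if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false; // no credentials embedded before the host
    }
    $host = strtolower(rtrim($parts['host'], '.'));
    $suffix = '.' . strtolower($allowedHost);
    return $host === strtolower($allowedHost) || substr($host, -strlen($suffix)) === $suffix;
}

// Constructed sample data, in-memory SQLite so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE banners (id INTEGER PRIMARY KEY, url TEXT)');
$db->exec("INSERT INTO banners VALUES (1, 'https://social.example/jane')");
var_dump(fetchBanner($db, '1'));
var_dump(fetchBanner($db, '1 OR 1=1'));
var_dump(isAllowedProfileUrl('https://social.example/jane', 'social.example'));
var_dump(isAllowedProfileUrl('https://social.example.other.test/jane', 'social.example'));
```

The host comparison is done on the parsed host rather than with a substring search on the whole URL, so a look-alike host that merely contains the allowed name is rejected.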