Tamamlanmış

SQL injection/Web security expert -- 2

We need you to penetrate the following case scenario:

Suppose there is a PHP script file "[login to view URL]" which takes a param i.e $_GET["profilePic"], which is image file path and then it generates a PDF with this image using FPDF library.

If the image file doesn't exist, it will throw an error like:

Warning: getimagesize(uploads/X/[login to view URL]): failed to open stream: No such file or directory in /home/X/public_html/[login to view URL] on line 1202

FPDF error: Missing or incorrect image file: uploads/X/[login to view URL]

We need a proof of concept that this unhandled warning can result into server being pwned/allowing execution of PHP code.

You will be rewarded with a bounty and this may lead to more projects in future!

Beceriler: PHP, MySQL, Web Güvenliği, Certified Information Systems Security Professional (CISSP), Veri Tabanı Yönetimi

Daha fazlasını gör: web security expert needed, sql injection expert, web site security expert mumbai, hacking web text game sql injection, sql injection expert example, web penetration tester sql injection, asp security holes sql injection, php sql injection security, study sql injection attacks web application, web application sql injection preventer source code java, web security expert, mysql injection security expert, cakephp web security expert, sql injection security test, package execution on is server failed in sql server 2012, web application firewall sql injection, magento 2.3 no web setup wizard, how to bypass mod security sql injection, learn oauth 2.0 - get started as an api security expert download, security expert web client

İşveren Hakkında:
( 23 değerlendirme ) Khanewal, Pakistan

Proje NO: #29428134

Seçilen:

avinashsg16

Hi, As per our discussion yesterday I am already working on this and I expect this to be completed by 9 pm. I will share the report to you. Kindly initiate personal chat to discuss. Thanks Avinash

%selectedBids___i_period_sub_7% gün içinde 50%project_currencyDetails_sign_sub_9% %project_currencyDetails_code_sub_10%
(4 Değerlendirme)
3.7

Bu iş için 10 freelancer ortalamada $161 teklif veriyor

imTuyen

Hello Sir. I can do this project right now. I am a professional Linux and developer in PHP, Wordpress, Laravel, Magento, Joomla, Prestashop, OpenCart, Yii, NodeJS, Angular, Vue.js, HTML5, CSS3 and jQuery. I can do this Daha Fazla

1 gün içinde %bids___i_sum_sub_32%%project_currencyDetails_sign_sub_33% USD
(68 Değerlendirme)
6.0
safdarsaleem90

I am an experienced PHP / Ethical Hacker & Web developer I will FIX SQL injection/Web security issues as per your requirements with full satisfaction & unlimited revisions In order to any delay we'll refund your m Daha Fazla

$150 USD in 4 gün içinde
(24 Değerlendirme)
4.5
irfanui

Hi There, This is Mohammad from brief I summarize that you need a SQL injection/Web security expert Right? Sure i'll provide you with Quality Work. Please award me the project so that we can discuss it more. I am a Ful Daha Fazla

$250 USD in 25 gün içinde
(4 Değerlendirme)
2.8
Tiger1337

Hi, I've read your project details. I'm currently unable to response you via chat due to the following reason. "Unfortunately, you are not allowed to send a message to this thread." I can pentest your file for SQLi or Daha Fazla

$85 USD in 3 gün içinde
(2 Değerlendirme)
2.1
hack4shree

Hello, I am Security Analyst and Pen-tester by Profession and part time bug hunter. We are three member team which have 5+ year experience person in Information Security domain. We have 100+ application VAPT experience Daha Fazla

$140 USD in 7 gün içinde
(0 Değerlendirme)
0.0
cjfairhead

Hi There, This actually sounds more like a Local File Inclusion (LFI) issue rather than SQL injection (the error isn't a SQL error...). Depending the version of PHP that is in use I have a few ideas on how you could p Daha Fazla

$200 USD in 3 gün içinde
(0 Değerlendirme)
0.0
EgorKovalev

Hello, I am happy to share keen interest in working with you on this exciting opportunity as I have relevant experience to complete this project as per mentioned requirements. I am ready to start immediately and will Daha Fazla

$200 USD in 10 gün içinde
(0 Değerlendirme)
0.0
shashankkumar427

Hi there, I have read your requirements and would like to tell you that I am a part-time freelancer and work on these technologies (Laravel (5 / 6 / 7), WordPress (4 / 5), Cake (3), Yii (1 / 2), Core PHP and many mor Daha Fazla

$195 USD in 10 gün içinde
(0 Değerlendirme)
0.0
jeanyvesvw

Hi, I have 17 years of experience in web development and 7 years is Security. There are certain techniques that can be used to try to pwn the server but I will need to test them out, because a warning only shows cert Daha Fazla

$222 USD in 3 gün içinde
(0 Değerlendirme)
0.0