SQL injection/Web security expert -- 2
Bütçe $30-250 USD
We need you to penetrate the following case scenario:
Suppose there is a PHP script file "[login to view URL]" which takes a param i.e $_GET["profilePic"], which is image file path and then it generates a PDF with this image using FPDF library.
If the image file doesn't exist, it will throw an error like:
Warning: getimagesize(uploads/X/[login to view URL]): failed to open stream: No such file or directory in /home/X/public_html/[login to view URL] on line 1202
FPDF error: Missing or incorrect image file: uploads/X/[login to view URL]
We need a proof of concept that this unhandled warning can result into server being pwned/allowing execution of PHP code.
You will be rewarded with a bounty and this may lead to more projects in future!
Seçilen:
Hi, As per our discussion yesterday I am already working on this and I expect this to be completed by 9 pm. I will share the report to you. Kindly initiate personal chat to discuss. Thanks Avinash
Bu iş için 10 freelancer ortalamada $161 teklif veriyor
Hello Sir. I can do this project right now. I am a professional Linux and developer in PHP, Wordpress, Laravel, Magento, Joomla, Prestashop, OpenCart, Yii, NodeJS, Angular, Vue.js, HTML5, CSS3 and jQuery. I can do this Daha Fazla
I am an experienced PHP / Ethical Hacker & Web developer I will FIX SQL injection/Web security issues as per your requirements with full satisfaction & unlimited revisions In order to any delay we'll refund your m Daha Fazla
Hi There, This is Mohammad from brief I summarize that you need a SQL injection/Web security expert Right? Sure i'll provide you with Quality Work. Please award me the project so that we can discuss it more. I am a Ful Daha Fazla
Hi, I've read your project details. I'm currently unable to response you via chat due to the following reason. "Unfortunately, you are not allowed to send a message to this thread." I can pentest your file for SQLi or Daha Fazla
Hello, I am Security Analyst and Pen-tester by Profession and part time bug hunter. We are three member team which have 5+ year experience person in Information Security domain. We have 100+ application VAPT experience Daha Fazla
Hi There, This actually sounds more like a Local File Inclusion (LFI) issue rather than SQL injection (the error isn't a SQL error...). Depending the version of PHP that is in use I have a few ideas on how you could p Daha Fazla
Hello, I am happy to share keen interest in working with you on this exciting opportunity as I have relevant experience to complete this project as per mentioned requirements. I am ready to start immediately and will Daha Fazla
Hi there, I have read your requirements and would like to tell you that I am a part-time freelancer and work on these technologies (Laravel (5 / 6 / 7), WordPress (4 / 5), Cake (3), Yii (1 / 2), Core PHP and many mor Daha Fazla
Hi, I have 17 years of experience in web development and 7 years is Security. There are certain techniques that can be used to try to pwn the server but I will need to test them out, because a warning only shows cert Daha Fazla
