Description - Multiple Vulnerabilities in Chimera Web Portal System
Multiple Vulnerabilities found in Chimera Web Portal System script.
- Exploit
- Available
- Solution
- Not available - check Phanatic Softwares website
XSS
Vulnerable script: modules.php
Variables comment_poster comment_poster_email comment_poster_homepage comment_text isn't sanitized. Users can post messages with any script code.
SQL Injection
Vulnerable script: linkcategory.php
Variable $id isn't properly sanitized before being used in a SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
Condition: magic_quotes_gpc = off
Order Source Code Review
Check a website or web application by source code analysis of your site done by our team.The work will be done by experts in web application security.