I gang

php mysql ajax programmer requiered to fix security vulnerabilities on Q&A website

I have a questions and answers website and i need some security vulnerability fixed. The vulnerabilities are tested and we have a report on them. The winning bidder will gain access to the report and the recommendations in it on how to fix them.

Detected vulnerabilities are:

1. User change informations vulnerability - an attacker can change any user informations including password, email, username… by sending a « POST » request via « [url removed, login to view] » with the targeted UserId of the victim.

2. Session Hijack Vulnerability (cookies handling) - we have a video showing how an attacker can hijack the victim account an get access to its profile.

3. Authentification bypass via SQL Injection Vulnerability - by providing specially crafted parameters to the login form, an attacker may be able to exploit this flaw to bypass authentification.

Selected bidder will be provided with the development environmet where he'll be able to do his work and all the reports we have including videos, scripts, reccommentations on how to fix vulnerabilities.

--------------------------------------------------------------------------------------------------

All of the files in our development environment are in Windows format. You must not change the format to Unix format when you upload to our servers.

If the job is not 100% completed to specifications you agree that there will not be a partial payment made for work done. We pay 100% for complete work and 0% for incomplete work.

Færdigheder: AJAX, CSS, HTML, MySQL, PHP

Se mere: windows fix it website, where to get a job on programmer, where do i get a programmer, website hijack fix, q email, programmer questions, php programmer job profile, php and sql programmer, php ajax sql, how to get programmer job, how to get a programmer, how to fix website, how to fix a website, how to do reports, get job programmer, change security questions, programmer php videos, vulnerabilities, security vulnerability, security questions, ajax upload, website sql injection, session php login, php ajax form upload, amp php mysql

Om arbejdsgiveren:
( 26 bedømmelser ) Toronto, Canada

Projekt-ID: #4103819

Tildelt til:

signo

Please see PMB for details.

$100 USD in 2 dage
(129 bedømmelser)
6.4

5 freelancers are bidding on average $103 for this job

toinnisfree

quick pro help. ftp and escrow required.

$185 USD in 3 dage
(560 bedømmelser)
7.9
meet2amitvw

Hello Thanks for the sharing requirement. I went through your description and ready to work with you. You will work directly with one person and that's me. No mediators. No managers. No subcontractors. I will Mere

$99 USD in 4 dage
(53 bedømmelser)
6.3
SourceBurner

I'll be happy to help you secure your project! Regards

$80 USD in 2 dage
(84 bedømmelser)
5.5
pushprajkatiyar1

I am ready to do this !

$90 USD in 4 dage
(1 bedømmelse)
2.2
vigneshkrish86

I have been working in php and sql ,So ready to take up the challenge.

$50 USD in 2 dage
(0 bedømmelser)
0.0