Header injection protection

Check website forms on vulnerability for header-injection and make them secure.

Website was searched by provider and found vulnerable for header-injection (not specified). The scope is limited there are only 4 forms where header information is collected (8 because site is bilingual, but the changes will be the same for both). 3 of these forms are collecting email addresses for 2 different newsletters (1 form is the same on different pages), another form collects a recipient name and subject for sending ecards.

I think the job will be to remove the line feeds and carriage returns in the posted header info or take otherwise needed measures. This job is urgent because sending of emails from webserver is no longer possible until forms are fixed (I have to specify the taken actions)

If job is accepted I will give url of the website, and send directories in which forms are located. I will indicate where the email send functions are, but please check for yourself because I’m not an experienced coder. Then please check and repair and document the changes. I will implement changes on the site and notify provider. If provider tests are passed I will pay.

## Deliverables

1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.

2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):

a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.

b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.

3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).

## Platform

PHP Mysql

Evner: Lidt af Hvert, Ingeniørarbejde, MySQL, PHP, Software Arkitektur, Software Testning

Se mere: source code protection, protection one, job on line engineering, exclusive provider agreement, engineering forms, carriage for hire, protection engineering, vulnerable, document repair, check vulnerability, check document copyright, php header information, website code injection, fixed header, newsletters needed, url injection, remove software protection, php bilingual site mysql, php mysql vulnerable, php mysql secure url

Om arbejdsgiveren:
( 26 bedømmelser ) Amsterdam, Netherlands

Projekt ID: #2842839

Tildelt til:


See private message.

$21.25 USD in 2 dage
(21 bedømmelser)

6 freelancere byder i gennemsnit $50 på dette job


See private message.

$85 USD in 2 dage
(133 bedømmelser)

See private message.

$34 USD in 2 dage
(27 bedømmelser)

See private message.

$68 USD in 2 dage
(1 bedømmelse)

See private message.

$34 USD in 2 dage
(5 bedømmelser)

See private message.

$59.5 USD in 2 dage
(4 bedømmelser)