En cours

Fix Website Vulnerabilities

We require the services of a specialist PHP security expert to make some alterations to the existing code on our website, following a routine security scan.

The following areas have been identified:

- Cross Site Scripting - Recommendation: Scripts need to filter metacharacters from user input (29 affected files)

- CRLF injection/HTTP response spiltting - Recommendation: You need to rescrict CR(0x13) and LF(0x10) from the user input or properly encode the output in order to prevent the injection of custom HTTP headers. (1 affected file)

- Blind SQL Injection - Recommendation: You should filter metacharacters from user input (13 affected files)

- User credentials are sent in clear text (1 affected file)

- HTML form without CSRF protection (15 affected files)

We know the files where the vulnerabilities exist.

We will only consider working with freelancers who have good feedback with security related web work.

Compétences : PHP, Sécurité Web

en voir plus : custom user submission wordpress, website payments pro custom tutorial, arab website optimization work, fix website problems, fix website godaddycom, pozmatch website stop work, fix website software, custom user group skin vbulletin, custom user joomla, joomla custom user profile, fix website hacked, fix mcafee vulnerabilities, custom user file storage, create custom user area website, aspnet website custom user widget manager, custom project management website bonuses work, website doesnt work properly firefox quick fix, fix website vulnerabilities, fix website securities vulnerabilities, fix website work iphone

Concernant l'employeur :
( 36 commentaires ) Bournemouth, United Kingdom

Nº du projet : #5568580