php mysql ajax programmer requiered to fix security vulnerabilities on Q&A website
$30-100 USD
Betalades vid leverans
I have a questions and answers website and i need some security vulnerability fixed. The vulnerabilities are tested and we have a report on them. The winning bidder will gain access to the report and the recommendations in it on how to fix them.
Detected vulnerabilities are:
1. User change informations vulnerability - an attacker can change any user informations including password, email, username… by sending a « POST » request via « [url removed, login to view] » with the targeted UserId of the victim.
2. Session Hijack Vulnerability (cookies handling) - we have a video showing how an attacker can hijack the victim account an get access to its profile.
3. Authentification bypass via SQL Injection Vulnerability - by providing specially crafted parameters to the login form, an attacker may be able to exploit this flaw to bypass authentification.
Selected bidder will be provided with the development environmet where he'll be able to do his work and all the reports we have including videos, scripts, reccommentations on how to fix vulnerabilities.
--------------------------------------------------------------------------------------------------
All of the files in our development environment are in Windows format. You must not change the format to Unix format when you upload to our servers.
If the job is not 100% completed to specifications you agree that there will not be a partial payment made for work done. We pay 100% for complete work and 0% for incomplete work.
Projekt-id: #4103819
About the project
Tilldelades:
5 frilansare har lagt bud på i genomsnitt $103 för det här jobbet
Hello Thanks for the sharing requirement. I went through your description and ready to work with you. You will work directly with one person and that's me. No mediators. No managers. No subcontractors. I will Mer