176985602337900

Find freelancers. Lose those costly delays.

With 1.7 million freelancers, we'll match you with the perfect talent.

or, Register with Elance »

Consultant needed to fix Cross-site scripting - xss vulnerability issues
Sign in to Add to Watch List

IT & Programming > System Administration

View Change History

The client has made the following changes to the job.

Description
Date
Close

Job Description

  |  Change History >>

Updated

Close
  • Posted: Tue, Apr 12, 2011
  • Time Left: Closed
  • Location: Anywhere
  • Client prefers freelancers from:
    Anywhere

    You are still able to submit a proposal for this job.

    The client prefers freelancers from
    a different location.

    You're still able to submit a proposal for this job, regardless of your location.
  • Start: Immediately
  • Hourly Rate: Not Sure
  • Hrs/wk: Not Sure | Duration: 1-2 weeks
  • Work View™ Payment Protection
  • W9 Not Required
Sign in to view client's details

We got hit with malware on the site , the script saved files on the server such as ano.php and xyz.php and it genereted junk pages which were indexed by google. this was caused by Cross-site scripting - xss vulnerability, we need some advice on how to fix it, we have programmer, we just need consulting advice.

our is a persistent cross-zone scripting vulnerability coupled with a computer worm allowed execution of arbitrary code and listing of filesystem contents via a QuickTime movie on MySpace.[13]
The persistent (or stored) XSS vulnerability is a more devastating variant of a cross-site scripting flaw: it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular browsing, without proper HTML escaping. A classic example of this is with online message boards where users are allowed to post HTML formatted messages for other users to read.[11]

Sign in or Register to see more

Job ID: 23811981
Proposals
Hourly Rate: Avg $ | High $ | Low $ — Show Pricing
  • Submit Date (Latest)

Matthew Jenkins      
Matthew Jenkins's identity has been verified.  Learn More
 United States  |  
Motorola and Cisco certified! Goal-oriented and collaborative IT professional with experience applying hardware and software design, installation,...
3
  |  
 0.0   |  Private   |  1 Jobs   |  1 verified credential(s)
Bid ID: 23846654  |  Submitted: Apr 15, 2011 00:46 ET 
Proposal SEALED

 Romania  |  
I build custom PHP+MySQL web applications to suit any requirements. ** SELECT Lifetime on the right side of the page to view all my past reviews....
3
  |  
 0.0   |  Private   |  0 Jobs
Bid ID: 23816679  |  Submitted: Apr 13, 2011 03:52 ET 
Proposal SEALED

 Romania  |  
Network and System engineer with over 7+ years of experience. Hardworking, professional, worked in several international projects with increasing...
4
  |  
 5.0   |  Private   |  3 Jobs
Bid ID: 23815376  |  Submitted: Apr 13, 2011 02:15 ET 
Proposal SEALED

 United States  |  
Over 11 years Information technology experience running the gamut of Information Security/Development and System Administration: programming and...
1
  |  
 5.0   |  $50 Earnings   |  1 Jobs
Bid ID: 23814751  |  Submitted: Apr 13, 2011 01:17 ET 
Proposal SEALED
Sign in to Elance and start working on jobs today.
Sign in to view more of the job details and submit a proposal. Once registered, you'll have access to thousands of jobs online or through email.
Are you ready to post a job like this one?
Post a Similar Job »