php mysql ajax programmer requiered to fix security vulnerabilities on Q&A website

This project was awarded to signo for $100 USD.

Get free quotes for a project like this
Employer working
Awarded to:
Skills Required
Project Budget
$30 - $100 USD
Total Bids
Project Description

I have a questions and answers website and i need some security vulnerability fixed. The vulnerabilities are tested and we have a report on them. The winning bidder will gain access to the report and the recommendations in it on how to fix them.

Detected vulnerabilities are:

1. User change informations vulnerability - an attacker can change any user informations including password, email, username… by sending a « POST » request via « [url removed, login to view] » with the targeted UserId of the victim.

2. Session Hijack Vulnerability (cookies handling) - we have a video showing how an attacker can hijack the victim account an get access to its profile.

3. Authentification bypass via SQL Injection Vulnerability - by providing specially crafted parameters to the login form, an attacker may be able to exploit this flaw to bypass authentification.

Selected bidder will be provided with the development environmet where he'll be able to do his work and all the reports we have including videos, scripts, reccommentations on how to fix vulnerabilities.


All of the files in our development environment are in Windows format. You must not change the format to Unix format when you upload to our servers.

If the job is not 100% completed to specifications you agree that there will not be a partial payment made for work done. We pay 100% for complete work and 0% for incomplete work.

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online