We use osCommerce for all our clients and provide specific plugins to them.
However, one of the plugins got hijacked and we could only remove it from the shop.
The client needs the plugin and we could not find out how someone could break through it. Most probably it was a SQL-Injection.
We will send you the entire source code of the oscommerce plugin and your job is to find the insecure line and fix it.
We will not give you access to the client's shop system for testing, of course.
This means: you should set up a simple oscommerce at your localhost or test server. Copy the plugin into it and test it there.
Then, let us know if you found the bug. If so, we will send you the payment in advance and after that, you tell us where you found it and also how to fix it.
Payment is in advance with 100% - no escrow and no payment if you can not find it.
The job requires very high PHP and security skills. If you are not experienced in this subject, please do not bid/waste your and my time.
I will send you the oscommerce plugin after bid. As soon as i have your confirmation that you found the bug => project awarding to you, full payment, delivery of fixed script and rating.
Please do not ask for exceptions. References are useless here. The only thing that counts for us, is: whether you find the bug or not.
This security issue is worth a lot and very important. That's why the budget is that big for it.
Looking forward to delivery asap to get the shops online again.
29 freelancers are bidding on average $1046 for this job
Hi, I work for a top MNC called AOL, with profile of building high end can secure web application. I can fix the code and problem really quickly for you. Regards Surya
Hi! I have gone through your requirement and i am glad that i can accomplish this task, i would be more interested to speak to you on IM. Pls give us an opportunity to work with you.
We will guarantee 99.9% hacker protection and vulnerability free website. This is custom work, we use only manual methods of analysis. See our website: [url removed, login to view]