Here Are 8 Very Important PHP Security Tips You Should Follow
PHP has the power to make or break your business. Here’s how.
I think I have a self-XSS on 2 Facebook accounts. I want to access my list of ads published on Facebook Marketplace and I only get an error. I have tried with other accounts and on those accounts the list does appear. I already deleted cookies and even reprogrammed the PC, and nothing. I went into the HTML code and apparently there is an XSS; I need to remove it to keep working on my ads. I hope I have explained myself.
The project consists of creating a simple WordPress plugin that creates new WordPress users when a successful purchase is made through Hotmart and deletes or deactivates the users when a renewal or payment fails in Hotmart. Hotmart has a webhook notification option so that each transaction...inactive or change their role). 4. Additionally, an option to "notify of each transaction" can be added, specifying an email address to which a message will be sent reporting that a transaction has been received and what was done. 5. Important: the security and protection mechanisms recommended by the WordPress and PHP development standards must be added,...
We are migrating my website to Amazon Web Services (AWS). I currently have an E2 server () in Virginia, USA, which was set up by our web designer, who built our site in Pres...in the system and security, so the following needs to be done: - Vulnerability analysis of the website and setup of an AWS server capable of supporting 2000 unique visits per day (variable over time). - Create a new instance (Sao Paulo) with installation and configuration of CentOS and OpenSSH. - Install cPanel + WHM and an SSL key. - Implement a secure environment at web and server level (XSS, DDOS, SQL Injection, etc), automatic updates, data backup, etc. - Migrate the previous site (Prestas...
We need a web page programmed or created, with 4 distinct sections, in HTML or PHP only. Hosting access credentials will be provided to carry out the work. Security must be taken into account in the programming: XSS and the various other issues that affect PHP. Sections: 1. Main topic, Electronic Invoicing and Computerized Accounting. 2. IT Services 3. Contact Form. 4. About Us. There is a video for the accounting section made in Adobe After Effects that must be modified for a better look; the sources will be provided. Templates may be used at your discretion, keeping the colors seen in the brochures, which are the company colors. It must cont...
Hello. We are a startup from Colombia and I am looking for someone to help me with vulnerability testing, SQL injection, XSS, and security in general. Can we talk about it? My email is betronica gmail com
...WooCommerce; Javascript, jQuery, Ajax, JSON; HTML5, CSS3/SASS, CSS frameworks, compass, susy, breakpoint; Grunt, Gulp, Bower; MySQL databases; Google/Facebook/Twitter/other service APIs; Ubuntu/Debian server administration, Apache, Nginx, NodeJS, Tarsnap, New Relic, etc.; GIT; Basic security knowledge (SQL injection, XSS, etc.); Responsive development; Photoshop, Illustrator, InVision; Slack and Trello. If you have experience with some of these, MUCH better...
Security development and support for networks, hardware, applications and web. Support with databases and programming of pivot tables. Detection of malware injection in mobile applications. Flexible schedule; work is goal-based. Requirements: Knowledge of security in networks, applications, hardware and web. Extensive knowledge of SQL, Injection, xss, rfi, lfi, DNS. Use of ethical hacking tools. Knowledge of server languages: JSP, ASP, CGI, PHP or PER. Use of HTML5, JAVASCRIPT, JAVA APPLETS, CSS3, Ajax, JQUERY, PYTHON, RUBY, BOOTSTRAP & ACTIONSCRIPT. Databases: MySQL, SQL Server & Oracle. Advanced English. Personal skills: Creative, Teamwork, Responsible, Honest, Proactive, In...
...the work that has what is needed for excellent search ranking. It must be possible to integrate it with social networks (Facebook, Twitter, Instagram). Test the words we use in titles and tags so that we reach as many searches as possible. Tag images with text to improve search ranking. Security: Optimized to prevent security attacks (XSS, SQLi, Brute Force, etc). Design: We place great importance on a clean design with a professional image. We are looking for a simple website that bets on elegance, quality and creativity. Candidates must have a portfolio of work and be creative. We are looking for professionals with experience in design and creation...
...disappear from the options once the registration slots are filled. The development consists of HTML build-out, programming and the database model. This must be done with HTML, JavaScript (use of jQuery is appreciated), CSS, PHP and MySQL without using a PHP framework; it must be cross-browser, and the forms must have all the validations and filters to prevent all kinds of attacks such as SQL injection, XSS, etc. The initial wireframe is attached for evaluating the project; the design will be delivered in Illustrator format, and the development time starts counting from the moment it is delivered. Regards, ...
We require the development of a forum (PHP and MySQL) with all the basic options these include (registration, login, categories, posts, replies). Only the development is requested; we would deliver the designs and the HTML layout. Both posts and replies should allow HTML code to be entered, validating and filtering XSS attack attempts. Thanks
...detected during the scan, such as infected files or directories. Enable automatic updates for Imunify AV to keep it up-to-date with the latest security patches. Set up email notifications for security events such as malware detection, suspicious file modifications, and virus outbreaks. Use the WebShield feature to protect against web-based attacks such as SQL injection and cross-site scripting (XSS). Use the Proactive Defense feature to detect and prevent attacks such as brute force attacks, DDoS attacks, and port scans. Regularly monitor the security logs to detect and prevent security threats. For cPanel and WHM: Enable two-factor authentication for all cPanel and WHM logins. Disable root-level access to cPanel and WHM, and create a separate administrative account with ...
...meaningful (no dummy text). The user-interface and interaction design should follow best practice for ecommerce systems. Consideration should be given to the use of the system on Mobile Devices. The application should be prepared in ASP.NET Core in C#, together with other associated technologies (HTML, CSS, JavaScript). It should not be possible to inject HTML, Script or SQL and the possible threat of XSS attacks should be mitigated. Your work will be accompanied with a brief report explaining your application design process, starting with the planning phases which would generally include research into the purpose of the site, website structure (using site map, mock-ups or annotated wireframe, mood board for a desktop, laptop and mobile device) to meet the requirements of the web...
...chose to receive email updates on the state of the pool and will receive reminder emails related to the event once a time slot has been chosen. 11. Events pages and data will be deleted 1 month after the event has passed. Security requirements: - Basic security standards like HTTPS encryption, input validation, and error handling. - Basic protection against SQL injection and cross-site scripting (XSS) attacks. Technical Requirements suggestions: - Front end - React.js - Back End - using Firebase might make it easier to complete, and allow easy email authentication etc. We’ll be available for further guidance and support all throughout the development of the website app. Thank you for taking the time to read this proposal....
...security of the project, including use of encryption on APIs. 4) Detecting and removing vulnerabilities with respect to user data and credentials (FYI Firebase is being used for auth). 5) Load testing and ensuring the code for compiled packages to achieve highest feasible speeds as per industry standards. 6) Ensure security from attacks like DB injection, clickjacking, automated tool attacking, XSS, MIME-Sniffing, HSTS, etc --- depending on feasibility. 8) Ensure server setups and plan selections scalability without issues and security therein. (FYI: We are using Digital ocean) 9) Ensure account setups with API providers and security therein. 10) Ensuring the code doesn't have vulnerabilities which could lead to unnecessary billings at server and API providers. Feel free to ask ...
Hello, I have attack on prestashop / server Ubuntu, the issue of prestashop is just one, that the image and other page not working in https but http, mean that something in database or other place is wrong, that allow http connection instead https connection, also server is set that accept http connection instead only https connection, I need to close the door 80 and prestashop setting all into https no http like url and entire prestashop. I want block cache poisoning and xss attack ...
The issue of prestashop is just one, that the image and other page not working in https but http, mean that something in database or other place is wrong, that allow http connection instead https connection, also server is set that accept http connection instead only https connection, I need to close the door 80 and prestashop setting all into https no http like url and entire prestashop. I want block cache poisoning and xss attac...
Requirements 1. Home page about the company/shop 2. ecommerce site to sell clothing products - includes catalogs, admin accounts for managing operational activities 3. Abilities to upgrade/update any future functionalities 4. Integrate payment gateways for online payment 5. Enquiry & order forms from customers - no payment option 6. Compatible with Desktop & Mobile layout 7. Secure coding standards ex - SQL injections, XSS etc...
help to fix code attached requirement 1. please note down all steps when fix it. 2. add email and authentication when created new user.
Hello There, We need a Pure UI Designer ( NOT HTML Designer) for our projects. Reply with XSS-UIDESIGN
...Management. - Accounting: spendings, incomes; main focus of the app will be the accounting, so most of the features are in this section. - Simple POS for the University café & print services. - User permission handling. - Data filtering, and more. - Exporting data in various formats like EXCEL, CSV, PDF, Plain Text, ETC. - Record full user actions on the application. - Fully secured from SQL injections, XSS, Session Hijacking, Credential Reuse, ETC. - Connecting to some other API(s) for adding extra features. - Multi-university handling. ...
scan 1 app + admin deeply with burp or other tools to get significant findings. we will pay 300$ for each domain (app+admin) only if you find high severity findings such as bypassing login, XSS proofs / SQLI , getting other users data etc. work is ready to be started. we ask for 1h work to see it's serious then we can put milestones.
Hi Chavilesh K., I noticed your profile and would like to offer you my project. We can discuss any details over chat.
- Must have good knowledge of the IT / Software Industry - Must have excellent English - Must be able to go in-depth and have the capability to write 1000-2000 words for a ubiquitous topic like how to cook pizza :-) BEFORE BIDDING WRITE XSS
To Prevent Reflected XSS in form page. - Need to use appropriate response headers - Need to use Content Security Policy (CSP) to reduce the severity of any XSS vulnerabilities 2. Unrestricted Upload of File with Dangerous Type (for 11 file uploads fields) - To restrict certain file extensions only - To set maximum file size and name length and validate it - To include Captcha to avoid bots
I need someone to examine my website and try to find security problems in it. Content Injection, SQL Injection Exploit, CSRF Exploit, XSS Exploit, other exploits.
WORKING Start working on each vulnerability: 1. We suggest that you have a fresh Linux VM ready for each vulnerability. You can create a copy of your VM for each vulnerability. 2. Read the vulnerability disclosure and check out related links. 3. Deploy the vulnerable version of WordPress. 4. Design a proof of concept attack (similar to what we did in class). 5. Demonstrate your attack. Submission: You must prepare a report as part of your project repository in markdown format (your ). For each vulnerability provide the following: * Very brief description of the vulnerability & its significance. * Designed attack. Include and link to your source codes. The information should be sufficient to reproduce the attack. * Demonstration of the attack. List the steps, screenshots, and a sh...
I need someone to implement countermeasures to CSRF, SSRF and XSS for a website on local. The website is already built.
I need a freelancer to fix the following issues. 1. Stored Cross Site Scripting (XSS) 2. CSRF in change password leading to account takeover 3. Introduce AUTH in the Header 4. HTML Injection 5. Unrestricted file upload 6. PHP Version Disclosure 7. Cookie management, session cookies are displayed to the user 8. Create a cron job to send email every day. Include data of a specific table. NOTE: I will not give access to Freelancer to the website. Instead, I will share the PHP code and the DB file. After making the fix, please provide me with the fixed files. I will review and test the changes internally before releasing the milestone. My PHP site has pages like login, forget and reset the password, create and update incidents, create and update documents, manage users, manage profiles, ...
I need a web platform for customers who subscribe through PayPal and Mercado Pago. Users must pay a subscription package to be able to access certain areas of the website. That there are 3 subscription packages and that each package has an a...the administrator panel, the administrator will be able to unsubscribe users, delete users, edit users, view ip, ban users and set the reason for the ban. If a user is banned, at the time of login it will appear that the user has been banned from the website for the reason that has been entered. Passwords must be in bcrypt. Login and Registration system must have CSRF protection. Anti Bypass XSS and other vulnerabilities. Must be on PHP v8.1.X The website must be optimized for SEO. And have a good score in PageSpeed Insights. Friendly d...
PLEASE READ!! Are you my new web developer? I want you to build me...visitor, etc. etc. Website need to be in a few language, most of them google translate its fine, but English and danish need to be native (I'm a danish speaking man, I can definitely help) something similar to those websites.. I see you specialize in: Hosting plan advices Custom login and sign up forms safe from CSRF and XSS attacks Protected user routes and dynamic authentication SPA applications with modern frameworks AWS services such emails for user login verification Advanced CSS design for custom websites Cool animations and effects for website design SEO optimization for better organic reach REST API's integration Database design and modeling
I have had <xss...> database attacks on my site for a year. One of the people who looked at them said the problem was with the code of the membership company I'm using (). Here's a link to the code: I need someone to go over the code to modify it to eliminate the <xss...> attacks on my database. I will pay $75 to anybody who can show me the fix in the next two days.
...Prevention of XSS attacks Technology: .Net 6 Web API, C# Requirement: Development of middleware to help prevent XSS attacks by removing script tags or any other associated characters from incoming requests i.e. sanitizing the incoming JSON data. Requests will be a. POST requests with JSON in the body. See example below...
It is a project to create an application that allows you to create new kanban boards and tasks and subtasks for each step between the backlog and completion. Must be programmed in PHP 8, TWIG, Bootstrap 5, MYSQL (PHPMyAdmin), JAVASCRIPT and JQUERY (must not use web templates with any type of copyright). Must have best practices to prevent XSS attack. It would be a dynamic website (PHP running on the web server - php files and html files in different folders) and Responsive for different screen sizes and tablets. More instructions and functionality are specified and detailed in the attached files.
Need to build an informative website of 11 pages Arabic/English with CMS. It has to be responsive and compatible with the common browsers. It has to be secured against cyber attacks such as XSS and SQL injection, malware, bots ...etc. It needs to be connected with Google Analytics; also the CMS needs to have the option to insert meta information and keywords for SEO. It will show information from a ready-made API in JSON. It will also have a form that will send the information using an API. The logins are just URLs to a ready-made website. The design materials have to be unique (this includes everything in the pages added by the designer)
I find some vulnerabilities on Burp Suite scanner so I wanna understand how to use them
Hello, I have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Protection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.
...panel (Back & front End) beside a strong order matching engine will be specified later. Module for adding and pairing specified 50 coins Module for adding and pairing ERC20, TRC20, Bep20 token Wallets BTC + 2 fiat currencies Payment gateway 3 strategy bot trading for the exchange users 8. Integration of these security protocols: (SQL Injection Prevention, HTTPS Authentication, Cross-Site Scripting (XSS) Protection, 2 Factor Authentication, Data Encryption, Cross-Site Request Forgery (CSRF) Protection, Anti Distributed Denial of Service (DDoS) Protection) NFT Marketplace ERC721A/ERC721/ERC1155 Smart Contract ERC20 and Staking Smart Contract Minting Landing Page Wallet Connectivity (Desktop & mobile)...
Hello, I have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Protection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -HTTP Request Smuggling -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.
My friends html5 chat rooms are being hacked cause of the xss and patches are not updated/not there to stop them. I got screenshots of examples of the issue. Also they are using discord somehow to hack the chats as well. We need help asap. Thanks
I am looking for someone who can fix the following vulnerabilities in a simple Document Management Software on Java based open source D Space Version 6.0 1. Stored XSS - Cross-site scripting (also known as XSS) is a web security vulnerability which occurs when a malicious script is injected directly into a vulnerable web application cause of input validation. 2. Reflected XSS -- Reflected XSS is one of the part of Cross-Site-Scripting attacks and termed as “Non-Persistence XSS” or “Type II”. 3 Rate Limiting- number of wrong login attempts to be limited to 3 & then 15 mins wait 4. CSRF- cross site request forgery- The most effective way to protect against CSRF vulnerabilities requests an additional token th...
We need to implement on Apache server configuration for content security policy for a WordPress site.
Looking for a full-stack developer to develop an admin and user dashboard with ...value to resubmit the form. ● Affiliate & Referral Program. ● Latest News (Blog style). ● Notification and Announcement page. ● Multilingual Support (Internationalization/i18n & RTL). ●Operations menu by user role -Display the latest news -Display the latest notifications and announcements -Display last login specifications Security Features ● JWT or ACLs Authentication ● Cross-Site Scripting (XSS) Protection ● SQL Injection Protection ● CSRF Protection ● Secure Encrypt Password Hashing ● 256-bit Enterprise-Grade Encryption ● SMTP / API Mail (Mailgun Email Service) ● Sending data through webhooks or APIs Also, the developer must sign a Non-disclosure Agreement to work on our project.
Hello, looking for XSS Stored expert only to find vulnerability in my web chat room code. The website is open only for tests and for vulnerability finder. P.S. self XSS, it's not vulnerability, just XSS Stored. The chat is with HTML entities and Cloudflare WAF. The chat is based on HTML + PHP. PM me if you think you can find XSS stored only
FRONTEND Application Frontend consist of a street map with Markers (service providers) and a search bar. Service Providers (Markers): 1) User will open website/APP 2) User can create marker 3) After click on create marker user can select marker position on map 4) User chose a category 5) User enter the details (Dynamic): - Name - Lat long (Auto fetch) - Cit...2. Markers management ( CRM based ) a. Create b. Edit c. Delete d. Approve e. Search/Filter 3. Full statistics on markers view, page view etc. 4. Application development should be done based on modules a. Markers b. Categories c. Reviews d. Users GENERAL 1. APP will load markers based on map zoom 2. APP will load marker details after marker its clicked 3. APP should be secured against DDOS ,XSS, injections and other types ...
Are you also a Linux user? Here's an article to help you protect your systems against uninvited intruders.
Come up with high-performance websites by avoiding these common mistakes.