Need OSCommerce security guru, PCI compliance developer
Required skills: OSCommerce, PHP, Software Architecture, SQL, Web Security
Hello,
Having trouble passing my PCI compliance with my OSCommerce website. I have an SQL injection issue and haven't a clue how to fix it. Probably a very simple problem for someone who has done it or is familiar. See below for error from Security Metrics (PCI compliance company):
> Description: Script allows SQL injection (gCards) Severity: Critical
> Problem
> CVE: CVE-2005-3048 Impact: A remote attacker could execute SQL
> commands on
> the back-end database, possibly leading to password retrieval,
> authentication bypass, unauthorized data access, or unauthorized data
> modification. Background: Structured Query Language (SQL) is the most
> common
> language understood by modern relational databases. It is made up of
> queries. A typical query reads: SELECT * FROM table WHERE condition where
> table is a table belonging to a relational database, and condition is a
> logic condition which is either true or false for each row of the
> table. The
> query would return any or all rows for which the condition is true.
> Resolution All user-supplied parameters should be checked for illegal
> characters, such as a single quote ('), before being used in an SQL
> query.
> See the references below for fix information for specific products.
> Vulnerability Details: Service: https Sent: GET //news.php?limit=
> HTTP/1.0
> User-Agent: Mozilla/4.0 Connection:
> Keep-alive
> Received: <font color="#000000"><b>1064 - You have an error in your SQL
> syntax; check the manual that corresponds to your MySQL server version
> for
> the right syntax to use near 'limit 1' at line 1<br><br>select
> page_id,page_name,short_desc,page_type from pages where page_type =
> 'News'
> and page_id = limit 1 <br><br><small><font color="#ff0000">[TEP
> STOP]</font></small><br><br></b></font>
Having trouble passing my PCI compliance with my OSCommerce website. I have an SQL injection issue and haven't a clue how to fix it. Probably a very simple problem for someone who has done it or is familiar. See below for error from Security Metrics (PCI compliance company):
> Description: Script allows SQL injection (gCards) Severity: Critical
> Problem
> CVE: CVE-2005-3048 Impact: A remote attacker could execute SQL
> commands on
> the back-end database, possibly leading to password retrieval,
> authentication bypass, unauthorized data access, or unauthorized data
> modification. Background: Structured Query Language (SQL) is the most
> common
> language understood by modern relational databases. It is made up of
> queries. A typical query reads: SELECT * FROM table WHERE condition where
> table is a table belonging to a relational database, and condition is a
> logic condition which is either true or false for each row of the
> table. The
> query would return any or all rows for which the condition is true.
> Resolution All user-supplied parameters should be checked for illegal
> characters, such as a single quote ('), before being used in an SQL
> query.
> See the references below for fix information for specific products.
> Vulnerability Details: Service: https Sent: GET //news.php?limit=
> HTTP/1.0
> User-Agent: Mozilla/4.0 Connection:
> Keep-alive
> Received: <font color="#000000"><b>1064 - You have an error in your SQL
> syntax; check the manual that corresponds to your MySQL server version
> for
> the right syntax to use near 'limit 1' at line 1<br><br>select
> page_id,page_name,short_desc,page_type from pages where page_type =
> 'News'
> and page_id = limit 1 <br><br><small><font color="#ff0000">[TEP
> STOP]</font></small><br><br></b></font>
Posted In:PHPSoftware ArchitectureSQL |
Related projects:
need oscommerce / cre guru for small project
way:
1. Product Image
2. Product Name
3. Product price / add to cart image
I need you to review the code, and make changes as necessary.
The OS is Linux, the scripts are CRE B2B 6.3.1.
I have a feeling that an oscommerce/CRE guru can fix this in about 5 minutes. I am looking to pay $ 30 for this service. I need the work performed in the next 6-8 hours. Full payment will be placed in escrow as soon as I accept your offer.
1. Product Image
2. Product Name
3. Product price / add to cart image
I need you to review the code, and make changes as necessary.
The OS is Linux, the scripts are CRE B2B 6.3.1.
I have a feeling that an oscommerce/CRE guru can fix this in about 5 minutes. I am looking to pay $ 30 for this service. I need the work performed in the next 6-8 hours. Full payment will be placed in escrow as soon as I accept your offer.
Need oscommerce CRE guru
oot this right now. I need you to review the code, and make changes as necessary.
The OS is Linux, the scripts are CRE B2B 6.3.1, the shipping modules used are stock (have not been customized/modified).
I have a feeling that an oscommerce/CRE guru can fix this in about 5 minutes. I am looking to pay $ 30 for this service. I need the work performed in the next 6-8 hours. Full payment will be placed in escrow as soon as I accept your offer.
The OS is Linux, the scripts are CRE B2B 6.3.1, the shipping modules used are stock (have not been customized/modified).
I have a feeling that an oscommerce/CRE guru can fix this in about 5 minutes. I am looking to pay $ 30 for this service. I need the work performed in the next 6-8 hours. Full payment will be placed in escrow as soon as I accept your offer.
Server Specialist >>for SecuriteyMetrics PCI Compliance
PCI Compliance for our VPS server(Linux)
We are running with Joomla and /shop/ x-cart.
Our merchant service request Security Metrics PCI Compliance,
We fail score of our VPS server.
There are several issue that we need to upgrade server ware and configure setting.
We can send you detail (report) from Security Metrics.
Please Security Metrics well know person/server specialist please
We are running with Joomla and /shop/ x-cart.
Our merchant service request Security Metrics PCI Compliance,
We fail score of our VPS server.
There are several issue that we need to upgrade server ware and configure setting.
We can send you detail (report) from Security Metrics.
Please Security Metrics well know person/server specialist please
Experienced Developer Php Cre
We require an experienced developer who knows CRE/OsC well. We've several projects that we need completing on our website that require knowlege of PHP & API.
These include:
- Inventory feature w/ API links to our eBay listings.
- Registration security feature callback (API).
- PCI compliance.
Developer must be contactable via MSN/SKYPE & phone. Contact us via PM for further info. Please include examples of your recent work.
These include:
- Inventory feature w/ API links to our eBay listings.
- Registration security feature callback (API).
- PCI compliance.
Developer must be contactable via MSN/SKYPE & phone. Contact us via PM for further info. Please include examples of your recent work.
Oscommerce Security Expert
p and goog1x.php files in image folder).
It has been cleaned and couple of security add-ons installed as per Oscommerce forums.
Still site keeps getting infected. We need a security expert who can suggest and implement patch.
No programming work required as such, so please bid carefully.
Only prior experienced in similar work will be considered.
It has been cleaned and couple of security add-ons installed as per Oscommerce forums.
Still site keeps getting infected. We need a security expert who can suggest and implement patch.
No programming work required as such, so please bid carefully.
Only prior experienced in similar work will be considered.
Oscommerce Webshop Guru 3
, details asked when ordered.
client account page more sophisticated
and much more work.
we pay per module , task done because its a very huge list and not want you to wait a long time for your well earned money of course
Additional Info (Added 8/5/2010 at 14:02 EST)...System Message: This is a reposting of project oscommerce webshop guru 2 (1280665287).
client account page more sophisticated
and much more work.
we pay per module , task done because its a very huge list and not want you to wait a long time for your well earned money of course
Additional Info (Added 8/5/2010 at 14:02 EST)...System Message: This is a reposting of project oscommerce webshop guru 2 (1280665287).
Oscommerce Webshop Guru 2
unt, details asked when ordered.
client account page more sophisticated
and much more work.
we pay per module , task done because its a very huge list and not want you to wait a long time for your well earned money of course
Additional Info (Added 8/1/2010 at 8:21 EST)...System Message: This is a reposting of project oscommerce webshop guru (1280221240).
client account page more sophisticated
and much more work.
we pay per module , task done because its a very huge list and not want you to wait a long time for your well earned money of course
Additional Info (Added 8/1/2010 at 8:21 EST)...System Message: This is a reposting of project oscommerce webshop guru (1280221240).
Oscommerce Security and hack fix (malware) -
need someone who can recommend what to do to secure the websites and what to ask for from now on to people who are going to perform jobs on the website.
I need to fix this malware infection and test site from known attacks
ADDITIONALLY I would like to install all collaborations listed here:
http://forums.oscommerce.com/index.php?showtopic=313323
To secure both websites
I need to fix this malware infection and test site from known attacks
ADDITIONALLY I would like to install all collaborations listed here:
http://forums.oscommerce.com/index.php?showtopic=313323
To secure both websites
Oscommerce Security Hole Patch
llo,
Our website was recently hacked and phishing website information installed on our server. The site is running oscommerce MS2.0. The website has been highly modified and there seems to be a hole in the security somewhere.
I have moved to a new host also to rule out that possibility. I need someone to check for known vulnerabilities of oscommerce in our website and make sure the site will not be hacked again in the same manner.
Thank you
Mark
Our website was recently hacked and phishing website information installed on our server. The site is running oscommerce MS2.0. The website has been highly modified and there seems to be a hole in the security somewhere.
I have moved to a new host also to rule out that possibility. I need someone to check for known vulnerabilities of oscommerce in our website and make sure the site will not be hacked again in the same manner.
Thank you
Mark
Academic Writing - PCI Compliance
re fine but there can be no paraphrasing or direct quotes & all sources must be properly cited.
In your bid, please include
a. your approximate word count
b. a blueprint / outline of the work you will create (table of contents)
c. how long it will take you to produce the product
d. any telecommunications industry qualifications (if available)
e. previous technical writing work
Thank you & happy bidding!
In your bid, please include
a. your approximate word count
b. a blueprint / outline of the work you will create (table of contents)
c. how long it will take you to produce the product
d. any telecommunications industry qualifications (if available)
e. previous technical writing work
Thank you & happy bidding!
PCI compliance expert - Immediate fix 2
I have a PCI compliance issue with a website and I need it to be fixed. Please let me know exact budget and time of completion.
PCI compliance expert - Immediate fix
I have a PCI compliance issue with a website and I need it to be fixed. Please let me know exact budget and time of completion.
Oscommerce security issue
y and solve current malware problem. Someone recently hacked my site. When I try to open any hyperlink from my html introduction page, Google chrome blocks access and puts message : mysite.com contains content from some other site known to distribute malware. There is no such message when I use Mozila or IE. My site uses oscommerce 2,2 and server is apache.
Os Commerce Update And Pci Compliance
we need os commerce update to the last update
and secure the website.. pci compliance
and secure the website.. pci compliance
PCI Compliance
phpinfo.php https (443/tcp)
phpinfo.php http (80/tcp)
PHP expose_php Information Disclosure http (80/tcp)
PHP expose_php Information Disclosure https (443/tcp)
Web Server Uses Plain Text Authentication Forms http (80/tcp)
Non-persistent Cross-Site Scripting Vulnerability http (80/tcp
Please send your expertise in PCI compliance, CSS and other cross sripting expertise
Oscommerce-security Issue/cgi
hanged. Our web site is hosted by Godaddy on a Virtual Dedicated Server.
#3
On our website we have another web page on our Web Store (Contact-Us.php which I believe is part of the standard package from OSCommerce) where customers can enter their name, email address, and comments and then click send. When they click send, the customer does not receive any notification that the msg was sent, and in addition, we never receive what they sent. This also needs to be fixed.
#3
On our website we have another web page on our Web Store (Contact-Us.php which I believe is part of the standard package from OSCommerce) where customers can enter their name, email address, and comments and then click send. When they click send, the customer does not receive any notification that the msg was sent, and in addition, we never receive what they sent. This also needs to be fixed.
PCI Compliance - Linux Server Administrator Consulting
m qualified applicants!
Additional information submitted: 01/15/2010 at 23:23 EST:
Additional information:
OS: CentOS
VPS: Plesk
Critical Application: Magento
Additional information submitted: 01/15/2010 at 23:23 EST:
Additional information:
OS: CentOS
VPS: Plesk
Critical Application: Magento
oscommerce / cre guru needed
yet live. PM me for URL.
You should know that I have the Product Attributes Pictures contribution installed (www.product-attribute-pictures.com), but I do not think that it is contributing to this problem.
I have a feeling that an oscommerce/CRE guru can fix this in a few minutes. I am looking to pay $ 30 for this service. I need the work performed in the next 6-8 hours. Full payment will be placed in escrow as soon as I accept your offer.
You should know that I have the Product Attributes Pictures contribution installed (www.product-attribute-pictures.com), but I do not think that it is contributing to this problem.
I have a feeling that an oscommerce/CRE guru can fix this in a few minutes. I am looking to pay $ 30 for this service. I need the work performed in the next 6-8 hours. Full payment will be placed in escrow as soon as I accept your offer.
need a facebook guru
This project is classified. i need a facebook GURU, a person who is well known of facebook.
the project is small.
happy bidding
