Закрыт

Need a Drupal expert for fixing some issue

1

High

No client or server-side input validation has been implemented. This test successfully embedded a scripting the response, which will be executed once the page is loaded in the user's browser. Thus Cross-Site scripting attack is possible in the application.

Open

Run Time Error

Patch throughout the application

2

High

I-Frame injection attack is possible in the application.

Open

Run Time Error

Patch throughout the application

3

High

Denial of Service (DOS) attack is possible in the application.

Open

Open

-

4

High

The password between the server and client is passed in cleartext. It is possible for a malicious user to sniff into the network and access the application and password.

Open

Open

-

5

High

Malicious File Upload is possible in this Application.

Open

Page Not Working

Patch throughout the application

6

High

Upload module in the Public page.

Open

Page Not Working

-

7

High

Session Hijacking is possible in this Application.

Open

Open

-

8

Medium

It is possible to access authenticated pages through the back button of the browser. The back button is enabled in the application.

Open

Open

Patch throughout the application

9

Medium

Old Version of PHP, DRUPAL, jQuery and MySQL is used in the application.

Open

Open

-

10

Medium

Banner Grabbing is an enumeration technique used to glean information about the computer systems on a network, server information and the services running its open ports.

Open

Closed

-

11

Medium

The old version of Bootstrap is used in the application.

Open

Open

-

12

Medium

The application does not maintain audit trail properly where all user activities have to be logged. In-case a malicious user tries to attack the application; the application will not be able to trace the attacker.

Open

Open

-

13

Medium

It is possible to view the authenticated page from the cache option of the browser.

Open

Run Time Error

Patch throughout the application

14

Low

User Enumeration is possible in the application.

Open

Closed

15

Low

Email-Spamming is possible in the application.

Open

Open

Patch throughout the application

16

Low

Password Complexity is not implemented properly in the application.

Open

Page Not Working

-

17

Low

Password History is not maintained in the application.

Open

Page Not Working

-

18

Low

Application has the provision to remember all user names those have logged in or try to log in. Auto-fill is not disabled on login. Other fields can also display information, which can be misused by a malicious user.

Open

Open

-

19

Low

HTTP Method (OPTIONS) are enabled in the application.

Open

Open

Patch throughout the application

Навыки: Drupal, PHP, JavaScript, HTML, CSS

Показать больше: drupal expert systems, need seo expert website, need jamroom expert, drupal issues, drupal community, latest in drupal, drupal 8 modules list, drupal 7, drupal download, drupal 8, drupal 8 project, need drupal programmer, need dreamweaver expert, inda drupal expert, need excel expert, need flash expert, need dns expert, need asterisk expert, need joomla expert getafreelancercom, need vbulletin expert

О работодателе:
( 3 отзыв(-а, -ов) ) Hooghly, India

ID проекта: #25766935

2 фрилансеров(-а) готовы выполнить эту работу в среднем за $20

alkajain2906

I have very good experience in DRUPAL Back end admin panel and also the custom coding i have created more then 200+ project on drupal that has deep custom coding (custom modules). 
I am also certified by Insight Aquia Больше

$20 USD за 7 дней(-я)
(49 отзывов(-а))
5.7
asstolbov

Hello. So you have a Drupal site and need to work on its security?I have experience working with Drupal. I could implement this work. cost and terms after discussion. examples of works: [login to view URL] Больше

$20 USD за 7 дней(-я)
(2 отзывов(-а))
1.7