« previous next »
Pages: [1]   Go Down

Author Topic: SE visitors redirects cleansed, but still security issues here....  (Read 847 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34067
  • malware fighter
SE visitors redirects cleansed, but still security issues here....
« on: April 27, 2016, 02:59:35 PM »
This could be better, folks, with a meagre F-Status:  https://securityheaders.io/?q=http%3A%2F%2Fwww.baucity.cz
Now clean here: http://killmalware.com/baucity.cz/#
Even here they have done their homework: http://retire.insecurity.today/#!/scan/363611898939a3e648b56b4e4ee049177b36a01f8a67addd8085cc2343cab8b5
But certainly this good be better: auCity ® | VŠE PRO DŮM A BYDLENÍ | STAVEBNÍ MA... padlock icon
-www.baucity.cz
Alerts (1)
Insecure login (1)
Password will be transmited in clear to -http://www.baucity.cz/index.php
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted

Excessive info and vulnerabilities:
Apache 2.2.22
Web Server
Debian
Operating System
PHP 5.4.41

In the code there is an undefined variable:
Code: [Select]
-scontent.xx.fbcdn.net/hprofile-xal1/v/t1.0-1/p50x50/12390853_857233031089682_6014378920874762529_n.jpg?oh=7e44aeee198c174faa8df1bfce1e0f89&oe=57B1EBC0
     info: [decodingLevel=0] found JavaScript
     error: undefined variable require
     error: undefined function require
     suspicious: maxruntime exceeded (always is sign something is not as it should! my remark, pol).

1 SRI script resource issue: https://sritest.io/#report/ca04ad35-3afc-485a-9ee6-2de623329d5e


polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »