Hi rickvidalton,
Web development may be "overly" fine at the site (see remarks about Blackhat SEO spam),
but the server the site is hosted on might have sloppy management and insecure configuration.
1. It does not look an X-frame-Options header was returned from that server, so you were and are indeed vulnerable to clickjacking.
2. Cookie not flagged as HttpOnly, site vulnerable to XSS attack.
3. Furthermore too excessive header info flagged.
A lot of hosting firms are in the game just for the money involved and security is not exactly their first priority so to say.
Especially where hundreds of sites are being hosted on one and the same IP (risks of being generally blacklisted by malware on other domains).
Your site has links to a site involved in black hat SEO Spam like the Hide-Me campaign, avast is one of the av-solutions to detects this spam fraud!
Site is infected: infected
guage="javascript"> function dnnviewstate() { var a=0,m,v,t,z,x=new array('9091968376','88879181928187863473749187849...
Problem with website software -> Web application version: CMS: joomla! 1.5 - open source content management
Joomla Version 1.5.18 - 1.5.26 for: htxp://www.villageshopskingsmill.com//media/system/js/caption.js
Joomla Version 1.5.18 to 1.5.26 for: htxp://www.villageshopskingsmill.com//language/en-GB/en-GB.ini
Link checks to be made:
Please check this list for unknown links on your website:
hxtp://www.plimun.com/ --> 'web design' -> black hat SEO read:
http://productforums.google.com/forum/#!topic/webmasters/yy3eFINipW8making a joke of penguin and Google -> hxtp://forum.joomla.org/viewtopic.php?t=795946 (flagged as with JS:HideMe-j[Trj] - Hide-Me SEO Spam
link credits go to poster mike1971hk on Google Product Forums.
htxp://www.visionefx.net/ --> 'visionefx design' OK
polonus