Author Topic: One of the many, many, many open source websites with insecure log-in...  (Read 729 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33927
  • malware fighter
Re: http://www.xoc.biz/login/?from=/
Control Panel - Sign in padlock icon
www.xoc.biz
Alerts (1)
Insecure login (1)
Password will be transmited in clear to http://www.xoc.biz/login/?from=/
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted  -> http://toolbar.netcraft.com/site_report?url=http://www.xoc.biz
No vulnerable jQuery libraries found

HTTP Server: nginx 1.2.1 (Outdated) when that server software has not been updated and patched,
at least there is server header version info proliferation.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!