What is with this code?

[polonus]

Where: -http://soniabergman.com
Detected libraries:
jquery - 1.6.1 : (active1) -https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected

Code: [Select]

script
     info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
     info: [decodingLevel=0] found JavaScript
     error: line:21: SyntaxError: missing ; before statement:
          error: line:21: Google Sitemap Generator
          error: line:21: ^
    The variable should be redeclared.

Consider: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fjquery%2F1.6.1%2Fjquery.min.js
Javascrip does not accept spaces.

From landing at: https://sritest.io/#report/479a8c3b-f5d1-4619-8934-1e1ea1828161  D-Status

polonus

[polonus]

Here Avast detects, we are being protected: http://killmalware.com/benzworld.org/
Look at this is detected: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.benzworld.org%2Findex.php
Avast detects: HTML:Iframe-inf  or rather detected as these search results may be dated and no longer actual. ( Pondus, thanks)
Still the site has log-in insecurity and insecure IDs tracking:
Alerts (1)
Insecure login (1)
Password will be transmited in clear to -http://www.benzworld.org/forums/login.php?do=login
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted

Checking for cloaking
There is a difference of 4229 bytes between the version of the page you serve to Chrome and the version you serve to GoogleBot. This probably means some code is running on your site that's trying to hide from browsers but make Google think there's something else on the page

<iframe src="hxtps://4514783.fls.doubleclick.net/activityi;src=4514783;type=invmedia;cat=xvsmbcya;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?" width="1" height="1" frameborder="0" style="display:none"></iframe>

Potential problems shown up and redirecting issues - also see URLs crawled: https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fwww.benzworld.org%2Findex.php&ref_sel=GSP2&ua_sel=ff&fs=1  Thanks to redleg for the anaysis.

polonus (volunteer website security analyst and website error-hunter)

[polonus]

Where the previous DOM XSS Scanner code landed:
Then from the code here: Results from scanning URL: http://tags.crwdcntrl.net/c/8060/cc_af.js

Code: [Select]

error: undefined variable document.getElementsByTagName("head")[0]
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var document.getElementsByTagName("head")[0] = 1;
          error: line:1: ....^
     info: [element] URL=p dot vibrant dot co/s/1?pvu=7B162A336DA94A32A77FE08EFBD8386F blocked by Script Blocker for me.
Code hick-up in the browser'context, maybe not in the document. Temporary failure in name resolution for the javascript unpacker....
should be executed on the onload page...
check with

Code: [Select]

var myError = new Error('foo');
myError instanceof Error // true
var myString = "Whatever";
myString instanceof Error // false
info credits go to Stackoverflow's Trott.

polonus

[polonus]

Human error in coding forms the biggest threat out there on the Internet.
Attackers and cybercriminals do not form the biggest threat, the biggest threat is formed by ignorance and arrogance and incompetence even or just driven by cost-effectiveness (keeping RC4 on because it is 3.5 times cheaper in operational costs despite of the fact it is far less secure).
So we have become better in bug hunting but we often have not got the time to do it. Code is presented as fit to use, while it has not as yet been thoroughly tested. Loads of code has not been upgraded and patched even or left code is still in use, while developers do no longer maintain it.
Then there is a whole area of insecurity because of misconfigurations and wrong settings or incompatibility in the wrong combination of security settings.
I am not allone with this view, the founding father of the Interwebs has this opinion: https://www.washingtonpost.com/blogs/post-live/wp/2016/05/18/meet-father-of-the-internet-vinton-g-cerf/
When we state code is retirable, it does not mean it is malcode per se, it has been followed up by a more secure version.
What I presented earlier in the thread are just code that has not been tested properly, code that comes undefined at a certain stage or never was properly checked and ascertained often while people do not want to spend either the time or the money.

Let us keep up following them coders like the lice in the fur of the software,
and see to it they feel many an itch from bugs undetected....     

polonus (volunteer website security analyst and website error-hunter)