« previous next »
Pages: [1]   Go Down

Author Topic: Website hacked and defaced and CMS issues...  (Read 1439 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Website hacked and defaced and CMS issues...
« on: May 29, 2016, 02:07:29 AM »
Re: http://killmalware.com/med-rp.com/  &  https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fmed-rp.com&ref_sel=GSP2&ua_sel=ff&fs=1
X-Powered-By: PHP/5.4.39, PleskLin -> https://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-183005/PHP-PHP-5.4.39.html
WordPress Version
3.1
Version does not appear to be latest 4.5.2 - update now.

WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.

wordpress-google-maps 1.0.4   latest release (2.5.4) Update required
http://premium.wpmudev.org/project/wordpress-google-maps-plugin

-http://med-rp.com
Detected libraries:
jquery - 1.3.2 : -http://www.med-rp.com/wp-content/themes/qualifire/scripts/jquery-1.3.2.min.js?ver=3.1.2
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
jquery.prettyPhoto - 2.5.6 : -http://www.med-rp.com/wp-content/themes/qualifire/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=2.5.6
Info: Severity: high
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6837&cid=3
Info: Severity: high
https://github.com/scaron/prettyphoto/issues/149
https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
2 vulnerable libraries detected

pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Re: Website hacked and defaced and CMS issues (fatal error on theme install).
« Reply #1 on: May 29, 2016, 02:28:08 AM »
There is also a fatal error in the following script: http://www.med-rp.com/wp-content/themes/qualifire/scripts/script.js?ver=1.0
Code: [Select]
     info: [decodingLevel=0] found JavaScript
     error: undefined variable Cufon
     error: undefined function Cufon.set
Theme does not seem to been installed correctly. User navigated to the themes file himself, while this should be done by WordPress.
So it is being installed as HTML and not as the right PHP index file or with a syntax error. Having a testing site alongside to the index.php site
is a good practice to detect such errors.

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »