Author Topic: Checking on a site which code is just being cleansed from a hack.

polonus
See: https://validator.w3.org/nu/?doc=http%3A%2F%2Fwww.superiam.si%2F
Consider: http://toolbar.netcraft.com/site_report?url=http://www.superiam.si
Server: Apache
X-Powered-By: PHP/5.4.44, ASP.NET 2.0
Danger of clickjacking, because of these results: -https://securityheaders.io/?q=http%3A%2F%2Fwww.superiam.si%2F&followRedirects=on
Vuln.: http://www.superiam.si/
Detected libraries:
jquery-migrate - 1.2.1 : -http://www.superiam.si/media/jui/js/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
swfobject - 2.2 : -http://www.superiam.si/modules/mod_swfobject/lib/swfobject.js
jquery - 1.11.2 : (active) http://www.superiam.si/media/jui/js/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
2 vulnerable libraries detected ->
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.superiam.si%2Fmedia%2Fjui%2Fjs%2Fjquery-migrate.min.js 
found JavaScript
     error: undefined variable jQuery
     error: undefined function e
 
There is no function e; the e parameter itself should be added.

Website is on a DROWN-vulnerable nameserver: https://test.drownattack.com/?site=ns1.amis.net

polonus (volunteer website security analyst and website error-hunter)