Avast community forum
Avast WEBforum » Other » Viruses and worms
Topic: High risk magento cms website, susceptible to man-in-the-middle attacks.. (Read 1043 times)
polonus (Avast Überevangelist, Posts: 34065)
High risk magento cms website, susceptible to man-in-the-middle attacks..
on: March 02, 2019, 07:31:42 PM
High Risk Website - Re:
https://www.magereport.com/scan/?s=https://eu.carnivoreclub.co/
Re: Set-Cookie: X-Magento-Vary=dad925730303a1361d3394e8156c081ab5bb24a5; path=/; secure; HttpOnly
Pragma: no-cache
Also see:
http://carnivoreclub.co.ipaddress.com/
Given as low risk here:
https://sitecheck.sucuri.net/results/carnivoreclub.co
28 hints for improvement given here:
https://webhint.io/scanner/b2c70abc-c577-450e-842f-6b06e01c714c
HSTS header does not contain the required values: max-age, includeSubDomains and preload (for preload list inclusion).
polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus (Avast Überevangelist, Posts: 34065)
Re: High risk magento cms website, susceptible to man-in-the-middle attacks..
Reply #1 on: March 03, 2019, 04:53:51 PM
There is redirection going on:
https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=dXMuXnx9blt2XX17Xmx1Yi5eXWA%3D~enc
29 recommendations:
https://webhint.io/scanner/89bb24ab-4856-471d-85b5-0ffb1762733d
Vuln. : HTTP Strict Transport Security (HSTS) not enforced
HSTS header does not contain max-age
HSTS header does not contain includeSubDomains
HSTS header not prepared for preload list inclusion
See:
https://toolbar.netcraft.com/site_report?url=https%3A%2F%2Fus.carnivoreclub.co
Load time seems longer than the normal 750 milliseconds...
Retirable jQuery libraries: jquery 1.12.4, found in hxtps://eu.carnivoreclub.co/static/version1551364254/frontend/CC/theme/en_US/js/bundle/bundle2.js
Vulnerability info:
Medium: 3rd party CORS request may execute (CVE-2015-9251, issue 2432)
Medium: parseHTML() executes scripts in event handlers (CVE-2015-9251, bug 11974)
knockout 3.3.0, found in httxs://eu.carnivoreclub.co/static/version1551364254/frontend/CC/theme/en_US/js/bundle/bundle3.js
Vulnerability info:
Medium: XSS injection point in attr name binding for browser IE7 and older
See:
https://www.virustotal.com/#/ip-address/34.236.141.231
Also consider: Results from scanning URL for DOM-XSS issues: hxtps://us.carnivoreclub.co/static/version1551364254/frontend/CC/theme/en_US/mage/requirejs/static.js
Number of sources found: 269 ; number of sinks found: 224
polonus
Last Edit: March 03, 2019, 05:51:43 PM by polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
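Both posts above report the same three HSTS gaps (no max-age, no includeSubDomains, not ready for the preload list) and the first quotes a Set-Cookie line that carries secure and HttpOnly. The checker below is an added example, not code from the thread, from MageReport or from Magento: it parses the response headers a scanner would see and reports exactly those findings, and also flags a missing SameSite attribute, which the posts do not mention. The preload criteria used (max-age of at least 31536000 seconds, includeSubDomains and preload all present) are the hstspreload.org submission requirements. The sample responses are constructed; only the X-Magento-Vary Set-Cookie line is copied from the first post.

```python
"""Check HTTP response headers for the HSTS and cookie-flag gaps raised above.

Added example, not from the forum thread or from Magento. Sample responses
are constructed (only the X-Magento-Vary line is copied from the post).
"""

PRELOAD_MIN_MAX_AGE = 31536000  # one year, the hstspreload.org minimum


def parse_hsts(value):
    """Split a Strict-Transport-Security value into {directive: value}.

    Directive names are case-insensitive (RFC 6797), so they are lowercased.
    """
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        directives[name.strip().lower()] = val.strip().strip('"')
    return directives


def check_hsts(headers):
    """Return findings for the HSTS header of a response; empty list if fine.

    `headers` is a list of (name, value) tuples as sent by the server.
    """
    values = [v for n, v in headers if n.lower() == "strict-transport-security"]
    if not values:
        return ["HSTS not enforced: Strict-Transport-Security header missing"]
    d = parse_hsts(values[0])
    findings = []
    max_age = d.get("max-age")
    has_max_age = max_age is not None and max_age.isdigit()
    if not has_max_age:
        findings.append("HSTS header does not contain max-age")
    elif int(max_age) == 0:
        findings.append("HSTS max-age=0 disables the policy")
    if "includesubdomains" not in d:
        findings.append("HSTS header does not contain includeSubDomains")
    preload_ready = (
        has_max_age
        and int(max_age) >= PRELOAD_MIN_MAX_AGE
        and "includesubdomains" in d
        and "preload" in d
    )
    if not preload_ready:
        findings.append("HSTS header not prepared for preload list inclusion")
    return findings


def check_cookies(headers):
    """Flag every Set-Cookie header missing Secure, HttpOnly or SameSite."""
    findings = []
    for n, v in headers:
        if n.lower() != "set-cookie":
            continue
        name = v.split("=", 1)[0].strip()
        # attribute names after the first ';', lowercased, values dropped
        attrs = {a.strip().split("=", 1)[0].lower() for a in v.split(";")[1:]}
        for flag in ("secure", "httponly", "samesite"):
            if flag not in attrs:
                findings.append(f"cookie {name} lacks {flag}")
    return findings


# Constructed sample: what the thread reports for the shop (no HSTS header).
SCANNED = [
    ("Set-Cookie", "X-Magento-Vary=dad925730303a1361d3394e8156c081ab5bb24a5; "
                   "path=/; secure; HttpOnly"),
    ("Pragma", "no-cache"),
]

# Constructed sample: a hardened response that passes every check.
HARDENED = [
    ("Strict-Transport-Security", "max-age=63072000; includeSubDomains; preload"),
    ("Set-Cookie", "X-Magento-Vary=abc; path=/; Secure; HttpOnly; SameSite=Lax"),
]

if __name__ == "__main__":
    for label, hdrs in (("scanned", SCANNED), ("hardened", HARDENED)):
        print(label, (check_hsts(hdrs) + check_cookies(hdrs)) or ["ok"])
```

Run against live headers by replacing the constructed lists with the header tuples from an HTTPS response; the checks only look at Strict-Transport-Security and Set-Cookie, so a response captured over plain HTTP will report HSTS as missing even when the HTTPS endpoint sends it.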