Author Topic: Removal from blacklist  (Read 621 times)

0 Members and 1 Guest are viewing this topic.

Offline d4rfl0w

  • Newbie
  • *
  • Posts: 1
Removal from blacklist
« on: July 29, 2022, 03:12:24 PM »
Good morning,

I would like to ask you to remove my domain 5palcow.pl from the blacklist. The website is virus free and this is a false positive.

I am asking you to remove it, because it reduces the traffic on the website by 40-50%.

https://www.virustotal.com/gui/url/dbac91801e18e4c964f041ad4063e3c0a87a7e1cbdcbbb9d25a79004fd896767/detection

Thank you.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86919
  • No support PMs thanks
Re: Removal from blacklist
« Reply #1 on: July 29, 2022, 06:59:14 PM »
-  Reporting a Possible False Positive File or Website
- https://www.avast.com/false-positive-file-form.php.
You should get a response in a day or two.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: Removal from blacklist
« Reply #2 on: August 01, 2022, 01:59:03 PM »
Witam d4rfl0w,

It is not only avast that flags your site as being blacklisted, also McAfee has it blacklisted.

And 1 vendor still flags at VT: https://www.virustotal.com/gui/url/dbac91801e18e4c964f041ad4063e3c0a87a7e1cbdcbbb9d25a79004fd896767?nocache=1

I take it that you do not use MySQL smarty cache anymore, and now work Presta Shop CMS version 1.7.8.7,,
not vulnerable to SQL injection. PrestaShop CMS was being attacked from the 22 second of the previous month. Mind also that your PHP version is outdated!

In case your site is not vulnerable anymore, wait for a final verdict from avast team, as it is their definitions and they are the only ones to come and unblock in case of an FP. I see no CSP was found.

Retirable code detected:
Quote
bootstrap   3.2.0   Found in -htxps://5palcow.pl/themes/theme1138/cache/v_90_489ec085cf8d6f42ea9067ec79a88b42.js _____Vulnerability info:
Medium   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   1
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
Medium   XSS is possible in the data-target attribute. CVE-2016-10735   
jquery-migrate   1.2.1   Found
- htxps://5palcow.pl/themes/theme1138/cache/v_90_489ec085cf8d6f42ea9067ec79a88b42.js _____Vulnerability info:
Medium   11290 Selector interpreted as HTML   12
jquery   1.11.0   Found in
-htxps://5palcow.pl/themes/theme1138/cache/v_90_489ec085cf8d6f42ea9067ec79a88b42.js _____Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Medium   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Medium   CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS   
Medium   CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

pozdrawiam,

polonus (volunteer 3rd party cold reconnaissance website-security-analyst and website error-hunter)
« Last Edit: August 01, 2022, 02:01:38 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
« Last Edit: August 01, 2022, 11:50:53 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!