OrdaSoft forum
Welcome, Guest
Please Login or Register.    Lost Password?
JS & Javascript threats & vulnerabilities (0 viewing) 
MediaLibary Component Support
Go to bottom Favoured: 0
TOPIC: JS & Javascript threats & vulnerabilities
#40294
neborator777 (User)
Fresh Boarder
Posts: 11
graphgraph
User Offline Click here to see the profile of this user
JS & Javascript threats & vulnerabilities 9 Months, 3 Weeks ago Karma: 0  
Is this is a vulnerability in the scripts?

/home/z/z91510v7/aid-medialibrary.ru/public_html/libraries/vendor/phpmailer/phpmailer/class.phpmailer.php - RCE : CVE-2016-10045, CVE-2016-10031

Are those are real JS virus threats?

medialibrary.ru/public_html/administrator/components/com_virtuemart/views/media/tmpl/edit.php
[x] 1…::imitateTabs('start','COM_VIRTUEMART_PRODUCT_MEDIA';echo'<form name="adminForm" id="adminForm" method="post" enctype=" multipart/form-data">';echo '<fieldset>';$this->media->addHidden('view','media';$this->media->addHidden('task','';$th
23/08/2018 16:51:23
1.62 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/administrator/components/com_virtuemart/views/user/tmpl/edit.php
[x] 1…ckground-color:#fff;color:#f00;}</style><form method="post" id="adminForm" name="adminForm" action="index.php" enctype=" multipart/form-data" class="form-validate" onSubmit="return myValidator(this);"><?php $tabarray=array();if(!empty($this-
23/08/2018 16:51:23
1.96 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/administrator/components/com_virtuemart/views/category/tmpl/edit.php
[x] 1…($this);$editor=JFactory::getEditor();?><form action="index.php" method="post" id="adminForm" name="adminForm" enctype=" multipart/form-data"><?php AdminUIHelper::buildTabs($this,array('categoryform'=>'COM_VIRTUEMART_CATEGORY_FORM_LBL','cat
23/08/2018 16:51:23
1.41 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/components/com_medialibrary/tcpdf/include/tcpdf_static.php
[x] 1…oft Windows: [Alt +00AD] or [Alt 0173]</li> *<li>UTF-8(hex): 0xC2 0xAD(c2ad)</li> *<li>UTF-8 character: chr(194).'�'</li> *</ul> * param$txt(string) input string * param$unicode(boolean) True i
10/04/2017 13:38:06
123.27 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/administrator/components/com_medialibrary/medialibrary.php
[x] 1…->store();$book->checkin();}mosRedirect("index.php?option=$option";}function import($option){global$database,$my;$file= file($_FILES['import_file']['tmp_name']);$catid=mosGetParam($_POST,'import_catid';$type=mosGetParam($_POST,'import_typ
10/04/2017 13:38:06
351.51 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/administrator/components/com_osgallery/helpers/osGalleryHelperAdmin.php
[x] 1… Exception('Getting content length is not supported.';}}}static function fileSave($dest,$post_form){if($post_form){if(! move_uploaded_file($_FILES['qqfile']['tmp_name'],$dest)){return false;}return true;}else{$input=fopen("php://input","r"
09/02/2017 09:32:46
59.80 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/components/com_medialibrary/tcpdf/tcpdf_parser.php
[x] 1…o[s]+([0-9]+)[s]+([0-9]+)[s]+R/i',$trailer_data,$matches)>0){$xref['trailer']['info']=intval($matches[1]).'_'.intval( $matches[2]);}if(preg_match('/ID[s]*[][s]*[<]([^>]*)[>][s]*[<]([^>]*)[>]/i',$trailer_data,$matches)>0){$xref['trai
10/04/2017 13:38:06
31.97 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/plugins/system/less/lessc/less.php/Less.php
[x] 1…e_string=' new '.$class.'('.Less_Parser::ArgString($arg).'';}return$obj;}public function NewObj2($class,$args){$obj=new $class($args[0],$args[1]);if($this->CacheEnabled()){$this->ObjCache($obj,$class,$args);}return$obj;}public function New
31/03/2016 13:07:42
241.97 Kb

Are those are real Javascript threats?

/home/z/z91510v7/aid-medialibrary.ru/public_html/components/com_osgallery/assets/libraries/bootstrap/bootstrapGall.js
[x] 1…ext==null)$el.data('resetText',$el[val]()) // push to event loop to allow forms to submit setTimeout($.proxy(function(){ $el[val](data[state]==null?this.options[state] : data[state]) if(state=='loadingText'{this.isLoading=true$el.addClass(
09/02/2017 09:32:46
67.40 Kb
/home/z/z91510v7/aid-medialibrary.ru/public_html/templates/classic_medialibrary_v2/bootstrap/js/bootstrap.js
[x] 1…ext==null)$el.data('resetText',$el[val]()) // push to event loop to allow forms to submit setTimeout($.proxy(function(){ $el[val](data[state]==null?this.options[state] : data[state]) if(state=='loadingText'{this.isLoading=true$el.addClass(
24/02/2017 10:49:50
68.11 Kb
 
Logged Logged  
  The administrator has disabled public write access.
#40298
admin (Admin)
Admin
Posts: 6612
graph
User Offline Click here to see the profile of this user
Re:JS & Javascript threats & vulnerabilities 9 Months, 3 Weeks ago Karma: 76  
What is it ?
How we can reproduce this ?

Regards
Andrew
OradSoft team
 
Logged Logged  
  The administrator has disabled public write access.
#40299
neborator777 (User)
Fresh Boarder
Posts: 11
graphgraph
User Offline Click here to see the profile of this user
Re:JS & Javascript threats & vulnerabilities 9 Months, 3 Weeks ago Karma: 0  
This is what the antivirus scanner showed as alleged, possible threats, JS viruses, Javascript viruses and script vulnerabilities. Moreover, the site that never opened for access, i.e., set, were not in any way changed. And that's what the scanner shows activity since the installation site (in this case, I recall on the website no one had access from the moment of installation!!!):

Cured 14 viruses
19.12.2018

aid-medialibrary.ru/public_html/plugins/content/apismtp/gov.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/moscow.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/novemb.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/mylo.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/airs.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/get.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/moss.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/style.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/all.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/bob.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/notes.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/yand.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/goff.php

aid-medialibrary.ru/public_html/plugins/content/apismtp/met.php

23.12.2018 16:22 Malicious code may be present Paranoid View
23.12.2018 16:14 Malicious code may be present Express View
16.11.2018 03:42 Malicious code may be present Paranoid View
13.11.2018 12:09 Malicious code may be present Express View
13.11.2018 12:03 Malicious code may be present Paranoid View
30.10.2018 15:27 Malicious code may be present Paranoid View
24.08.2018 17:58 No virus detected Paranoid View


How can that be? That's why I'm asking, are these really possible threats or is the scanner wrong?
 
Logged Logged  
  The administrator has disabled public write access.
#40304
admin (Admin)
Admin
Posts: 6612
graph
User Offline Click here to see the profile of this user
Re:JS & Javascript threats & vulnerabilities 9 Months, 3 Weeks ago Karma: 76  
Hi

Fist of all please will think: your site hacked and have viruses.

Best way for check:
Please check some files which your antivirus marked as virus.

With some utility like diff or kdiff or ... Please compare theses files with original files.

And if they different, please replace files on your site. Or please use backup copy of site.

Regards
Andrew
OrdaSoft team
 
Logged Logged  
  The administrator has disabled public write access.
Go to top
What are you looking for?
Anti-spam question: How many eyes has a typical person?