Re: https://www.virustotal.com/nl/url/dce2d7eb823ddaf88e4c59099ad1ce40809e08ebdd77ce1b6f431b187559183c/analysis/1446592792/
and Infected With SEO Spam. ISSUE DETECTED DEFINITION INFECTED URL
SEO Spam MW:SPAM:SEO?g12 -http://apnabazaarpdx.com
SEO Spam MW:SPAM:SEO?g12 -http://www.apnabazaarpdx.com/index.php/vegetablesmenu
SEO Spam MW:SPAM:SEO?g12 -http://apnabazaarpdx.com
Known javascript malware. Details: http://sucuri.net/malware/entry/MW:SPAM:SEO?g12
t=‘’;}}x[l-a]=z;}document.write(‘<’+x[0]+’ ‘+x[4]+’>.‘+x[2]+’{‘+x[1]+’}</‘+x[0]+’>');}dnnViewState();

Web application version:
Joomla Version 2.5.4 found at: -http://apnabazaarpdx.com/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 3.4.5

Detected libraries:
jquery - 1.6.3 : (active1) -http://ajax.googleapis.com/ajax/libs/jquery/1.6.3/jquery.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
1 vulnerable library detected

External link: -http://learn.uca.ma/ vuln. PHP version → http://www.domxssscanner.com/scan?url=http%3A%2F%2Flearn.uca.ma%2Ftheme%2Fyui_combo.php%3F3.9.1%2Fbuild%2Fsimpleyui%2Fsimpleyui-min.js%263.9.1%2Fbuild%2Floader%2Floader-min.js

Malware detected: https://urlquery.net/report.php?id=1446592693580

polonus (volunteer website security analyst and website error-hunter)

P.S. On the use of innerHTML in the code, read: http://snook.ca/archives/javascript/whats_wrong_wit
and in relationship with DOM XSS threats: https://facebook.github.io/react/tips/dangerously-set-inner-html.html

D