I am getting this message when going to the site hXtp://www.cuttingedgereps.com
I’m not a web developer, but I don’t see any frames in the source files.

Any ideas? Is this a false positive?

Hi kbh1972,

Stop DANGEROUS: LinkScanner Online has found
[WebAttacker]
Detail: Exploit: WebAttacker

This appears to be the WebAttacker exploit package.
Risk Category: Exploit
Description: XPL’s Intelligence Network has detected an exploit. An exploit is a piece of malware code that takes advantage of a vulnerability in a software application, usually the operating system or a web browser to infect a computer. Exploits usually target a computer by means of a drive-by download – the user has no idea that a download has even taken place. XPL recommends not visiting this web site regardless if your computer has been patched for the vulnerability.
Scanned:
Tuesday, March 31, 2009

Also finjan detected potential malicous behavior on the address: hxxp://www.cuttingedgereps.com/

Can you please make the link non-clickable like I did here above, we do not want the unaware click the link and get infected…

polonus

agree with polonus ! Its got a linkscanner

The bad code is script at the end of the page, it hides a iframe.

You might not see a specific iframe but there is a huge chunk of obfuscated script at the bottom of the source page, this could be converted into anything, is this site yours ?

See image, I have broken this script down to make it easier to see in the image as it is all on a single line, inserted before the . There is also another block of obfuscated script just after the opening Body tag, same drill as the other also with a after it.

I certainly don’t have the knowledge or tools to interpret this, but since javascript is a plan language scripting tool I get suspicious when it is obfuscated (what are they trying to hide).