See: http://urlquery.net/report/936bdd5b-c647-4bd0-895d-52eb499110cb
Checked for retirable code libraries:
BINGO: http://retire.insecurity.today/#!/scan/c2b3034b033c483fe654feafd771592eac8be1f0646c5b5a444c8a166f200ff0
Error in code:
-rubab-trading.site/ext/jquery/ui/jquery-ui-1.10.4.min.js benignRender as a block rather than a page.
info: [decodingLevel=0] found JavaScript
error: undefined variable jQuery
error: undefined function e.extend
error: undefined variable e
Also found link errors: FILE##jquery-ui-1.10.4.min.js 268 application/javascript
DEADLINK##/ext/jquery/ui/=h&&(null===o?l[a]=h:(c.mod&&(h-o>c.mod/2?o+=c.mod:o-h>c.mod/2&&(o-=c.mod
DEADLINK##/ext/jquery/ui/=h&&(null===o (no sanitization taking place: read: https://snyk.io/vuln/npm:jquery-ui:20160721 )
XSS in dialog
Consequences thereof: Results from scanning URL: -http://rubab-trading.site/ext/jquery/ui/jquery-ui-1.10.4.min.js
Number of sources found: 290
Number of sinks found: 14
What could be DOM-XSS abused manipulating UI elements? Consider:
this.options.value=this._values(this.options.values.length-1),this.options.values=null)),t.isArray(this.options.values)&&(n=this.options.values.length),t.Widget.prototype._setOption.apply(this,arguments),e){case"orientation":this._detectOrientation(),this.element.removeClass("ui-slider-horizontal ui-slider-vertical").addClass("ui-slider-
Loader.php should be tested also - for instance: bidndeal/loader.php?js=js/jquery.js;js/jquery.lightbox.js;
error
bidndeal/loader.php?js=js/jquery.js;js/
info: [decodingLevel=0] found JavaScript
error: undefined function n.getElementsByTagName
error: undefined variable n
polonus (volunteer website security analyst & website error-hunter)
P.S. Also three warnings here: https://asafaweb.com/Scan?Url=rubab-trading.site
PHP vuln: X-Powered-By: PHP/5.6.32, PleskLin exploitable.
D