See: http://killmalware.com/remida.ru/
and https://sitecheck.sucuri.net/results/remida.ru#sitecheck-details
Web application version:
Joomla Version 1.5.8 to 1.5.14 for: -http://remida.ru/media/system/js/caption.js
Joomla Version 1.5.9 to 1.5.13 for: -http://remida.ru/language/en-GB/en-GB.ini
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 3.5.1
On that IP: https://cymon.io/195.208.1.134 & https://www.scumware.org/report/195.208.1.134.html
Avast should detect JS/Redir
Vuln. in http://www.domxssscanner.com/scan?url=http%3A%2F%2Fremida.ru%2Fmedia%2Fsystem%2Fjs%2Fmootools.js
contradictory to: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fremida.ru%2Fmedia%2Fsystem%2Fjs%2Fcaption.js
Number of sources found: 0
Number of sinks found: 0
Insecure: Аудиторская фирма “Ремида Аудит”
remida.ru
Alerts (1)
Insecure login (1)
Password will be transmited in clear to http://remida.ru/index.php
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted
See: http://toolbar.netcraft.com/site_report?url=http://remida.ru
polonus (volunteer website security analyst and website error-hunter)
For the DOM XSS scanned mootools script, we should go over: https://searchcode.com/codesearch/view/76380898/
For instance, value=document.cookie.match depends on the regular expression for matching, as string.match(regexp) will find an array of matches.
example:
var cml = document.cookie.match/..../[^;]+(\d{6}\;/)[1]
This as we have a sink this.value= and value+=
Where the file manager code is concerned, there is more to skim over, like document.write('<script id = etc.
This just goes to show what we all should take into consideration while going over that code security-wise.
As all code comes delivered as fit to use and not completely pentested for security flaws of sorts,
we should leave it here.
I posted the above just to describe that it is not all that easy as one might think at first,
but I have to admit very, very interesting material.
Often this may be rather rewarding for those that seek further security,
while the dark hats already have gone over all such flaws to seek their little worm-holes as well.
While on the other hand, this is diminishing these threats enormously:
https://sritest.io/#report/fddc96b0-314b-432f-a450-ece65572ba83 Full A-Status found.
polonus
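
The source/sink counting discussed in the posts above, as an added example that is not part of the original posts and not the code of any scanner they link to. The pattern lists, the function names and the sample script are assumptions made for illustration.

```javascript
// Added example: a small, illustrative subset of DOM XSS source and sink
// patterns (assumption), not the rule set of any particular scanner.
const SOURCES = [
  /document\.cookie/g,
  /document\.(?:URL|documentURI|referrer)/g,
  /(?:window\.)?location\.(?:hash|search|href)/g,
  /window\.name/g,
];
const SINKS = [
  /document\.write(?:ln)?\s*\(/g,
  /\.(?:innerHTML|outerHTML)\s*\+?=/g,
  /\beval\s*\(/g,
  /\.value\s*\+?=(?!=)/g, // "value=" / "value+=", named as a sink in the post above
];

// Return every pattern hit with its 1-based line number.
function findMatches(code, patterns) {
  const hits = [];
  code.split("\n").forEach((text, i) => {
    for (const re of patterns) {
      for (const m of text.matchAll(re)) {
        hits.push({ line: i + 1, match: m[0].trim() });
      }
    }
  });
  return hits;
}

// Count sources and sinks, and list lines where both occur together;
// those lines are the first ones to review by hand.
function scanScript(code) {
  const sources = findMatches(code, SOURCES);
  const sinks = findMatches(code, SINKS);
  const sinkLines = new Set(sinks.map((s) => s.line));
  const hot = sources.filter((s) => sinkLines.has(s.line)).map((s) => s.line);
  return { sources, sinks, direct: [...new Set(hot)] };
}

// Constructed sample script, not taken from remida.ru or mootools.js.
const SAMPLE = [
  "var m = document.cookie.match(/sid=(\\d{6})/);",
  "if (m) { this.value = m[1]; }",
  "field.value += location.hash;",
  "document.write('<p>static text</p>');",
  "var caption = title.toUpperCase();",
].join("\n");

const report = scanScript(SAMPLE);
console.log(`Number of sources found: ${report.sources.length}`);
console.log(`Number of sinks found: ${report.sinks.length}`);
```

A pattern count like this only says where to look; whether a flagged line is exploitable still depends on how the value travels from source to sink.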