Probably malicious as explained here: http://stackoverflow.com/questions/2896405/what-does-this-code-do
Potentially suspicious code: http://jsunpack.jeek.org/?report=28d2eef92bf05098187f549584721800368c89d5
Procedure: + has been called with a string containing hidden JavaScript code .
changing-js-code-from-clicking-image-to-clicking-link …
Web application version:
Joomla Version 2.5.24 found at: htxp://achildsheartministries.com/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.26 or 3.3.5
This is a Joomla malware hack: Web application version:
Joomla Version 2.5.19 found at: http://agem.com.pl/administrator/manifests/files/joomla.xml *
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 2.5.28 or 3.4.3
Joomla Modules, Components and Plugins
The following modules were detected from the HTML source of the Joomla front page.
jscroll
The following components were detected from the HTML source of the Joomla front page.
search.
Directory indexing was tested on the /modules/ and /components/ directores. It does not seem to be possible to list the directory contents using this method. Note that other directories may have this web server feature enabled, so ensure you check other folders in your installation.
External links check:
Externally Linked Host Hosting Provider Country
Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.
User ID 1 : devarondlh
User ID 2 : Managed WordPress Migration User
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.
Only the first two user ID’s were tested with this scan, use the Nmap NSE enumeration scripts (use your own Nmap installation or try option 2 below) to discover additional user ID’s.
polonus (volunteer website security analyst and website error-hunter)