SE visitors redirect...blocked by Avast"s Webshield!

polonus · 2015-04-26T23:13:47.000Z

See: http://killmalware.com/homeloans-nevada.com/#
index
Severity: Suspicious
Reason: Detected suspicious redirection to external web resources at HTTP level.
Details: Detected HTTP redirection to htxp://abe.muhay.eu/s.php. Blocked by Avast’s Webshield for me! ;D ;D
File size[byte]: 0
File type: Unknown
Page/File MD5: 00000000000000000000000000000000
Scan duration[sec]: 0.001000
ISSUE DETECTED DEFINITION INFECTED URL
Website Malware MW:HTA:7 htxp://homeloans-nevada.com ( View Payload )
Suspicious conditional redirect. Details: http://sucuri.net/malware/entry/MW:HTA:7
Redirects users to:htxp://abe.muhay.eu/s.php

Web application version:
WordPress version: WordPress
Wordpress version from source: 3.3.2
Wordpress Version 3.3.2 based on: htxp://homeloans-nevada.com/wp-admin/js/common.js
WordPress directory: htxp://homeloans-nevada.com/wp-content
WordPress theme: htxp://homeloans-nevada.com/wp-content/themes/thesis_181/
Wordpress internal path: /home/content/59/7669159/html/wp-content/themes/thesis_181/index.php
WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.2

polonus

polonus · 2015-04-26T23:20:12.000Z

There is a gaping massive injection vulnerabilty in here: http://cdn.mlcalc.com/themes/mlcalc/jquery.pngFix.js
in the list of scripts included in above website…
Read: http://www.thespanner.co.uk/2012/06/12/pngfix/

pol

Announcements