Trojan malware detected on website with outdated CMS?

See: https://app.webinspector.com/public/reports/52208336
This is a suspicious page
Result for 2016-04-10 14:38:53 UTC
Website: -http://canesearch.com
Checked URL: -http://canesearch.com/nicaragua/306624-incendioenlaa?a
Trojans detected:
Object: -http://canesearch.com/nicaragua/306624-incendioenlaa?a
SHA1: 27caf4a6b60d56855eaefc5c37ccae5a6137a685
Name: TrojWare.JS.Agent.caa

-http://canesearch.com
Detected libraries:
jquery - 1.3.2 : (active1) -http://canesearch.com/modules/mod_scrolltotop/js/jquery-1.3.2.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected

See: https://seomon.com/domain/canesearch.com/html_validator/

Joomla Version
1.5
Version does not appear to be latest 3.4.8 - update now.

Warning Directory Indexing Enabled :o
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.
/modules/ enabled
/components/ enabled
Directory indexing was tested on the /modules/ and /components/ directores. Note that other directories may have this web server feature enabled, so ensure you check other folders in your installation. It is good practice to ensure directory indexing is disabled for your full Joomla installation either through the web server configuration or .htaccess.

-http://canesearch.com/nicaragua/306624-incendioenlaa?a is in Dr.Web malicious sites list!
http://canesearch.com/nicaragua/306624-incendioenlaa?a infected with JS.Redirector.246
This is known SEO Spam javascript malware Avast detects as JS:HideLink-A [Trj].

Various instances: http://quttera.com/detailed_report/canesearch.com
41 malicious files: Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Malicious obfuscated JavaScript threat

Potentially suspicious code found in: /plugins/system/rokbox/rokbox.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method write __tmpvar528546876 = write; see where this code lands: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fcanesearch.com%2Fplugins%2Fsystem%2Frokbox%2Frokbox.js
For me going to -http://keycuracao.com/ insecurity for WP CMS: Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 keycuracao keycuracao
2 None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

polonus

Detected furthermore that the website http://keycuracao.com uses the now deprecated javascript asynchronous conditional resource loader yepnope1.5.4|WTFPL/. Here: Results from scanning URL: -http://keycuracao.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.15.1
Number of sources found: 9
Number of sinks found: 11
The bug: https://jsfiddle.net/dergachev/HHxK2/ It falls back to local script loading, but it is not quite clear whether this is because of yepnope or more of a Modernizr issue, consider

 (this,document); Modernizr.load=function(){yepnope.apply(window,[].slice.call(arguments,0));};

polonus