
Hacker Guardian Scans...


    Any views on this service?
    - got it free when I bought an SSL somewhere...

    I did a scan, and two sites (out of three) had this similar "red" warning - see attached image (I've blanked off our site/product search ref just in case)

    - should I be worried?

    I assume the ss0000*.pl scripts are generated, as the filesize is different for different sites...

    #2
    Adding extra message here to make this post appear in the section... forum bug?


      #3
      Two more I think need resolving by Sellerdeck

      #1 : JQuery version needs updating
      #2 : Not sure...

      See images.

      We're on v18.02, so I don't know if v18.03 fixes these problems.


        #4
        Call me thick or whatever but I can't see any images.....
        Elysium:Online - Official Accredited SellerDeck Partner
        SellerDeck Design, Build, Hosting & Promotion
        Based in rural Northants



          #5
          No attachments on my posts?

          I will try to copy paste the details later...



            #6
            Call me thick or whatever but I can't see any images.....
            Odd. I see them in both Chrome and Firefox.
            -----------------------------------------

            First Tackle - Fly Fishing and Game Angling

            -----------------------------------------



              #7
              Originally posted by zgap111
              - should I be worried?
              No more than normal!

              With regards to the JQUERY and XSS Cgi-bin, possibly. With regards to the SQL Injection warning, less so.
              Sellerdeck does not have an SQL/mySql database behind it, therefore "standard" SQL injection attacks would have no meaningful output. I'd guess that this, after investigation by Sellerdeck, might yield a false positive.
              JQuery issue is relatively straightforward to resolve, simply by referencing a more up to date JQuery library. Sellerdeck, or a Sellerdeck designer/developer could assist with that.
              The XSS cgi vulnerability is one that Sellerdeck would also need to investigate and potentially address in a future update.

              The cat and mouse game of software patches to combat newly discovered vulnerabilities/exploits will always go on, as long as human beings have anything to do with writing code.

              Fergus Weir - teclan ltd
              Ecommerce Digital Marketing

              SellerDeck Responsive Web Design

              SellerDeck Hosting
              SellerDeck Digital Marketing



                #8
                Originally posted by fergusw
                The cat and mouse game of software patches to combat newly discovered vulnerabilities/exploits will always go on, as long as human beings have anything to do with writing code.
                I agree

                re: SQL : Apparently I can contest those results as "false positives"... I try to do that for the SQL

                It would be nice if Sellerdeck can release interim fixes - esp security ones...
