Scan results wrong
-
I run a scan and Cerber finds things like this
/nextend-smart-slider3-pro/Nextend/Framework/Style/Style.php >>> Suspicious code found (HIGH)
Line 14:id`
Line 15:hash
Line 16:image
Line 17:value
Line 14:id
Line 15:hash
Line 15:hash
Line 14:id
Line 23:application
Line 24:section
Line 25:referencekey
Line 17:value
Line 27:system
Line 28:editable
Line 14:id
Line 23:application
Line 23:application
Line 24:section
Line 25:referencekey
Line 23:application
Line 24:section
Line 27:system
Line 28:editable
Line 14:id
Line 38:group
Line 39:type
Line 40:params
Line 14:id
Line 14:id
Line 45:alias
Line 46:title
Line 39:type
Line 40:params
Line 49:status
Line 50:time
Line 51:thumbnail
Line 52:ordering
Line 49:status
Line 50:time
Line 14:id
Line 52:ordering
Line 52:ordering
Line 14:id
Line 46:title
Line 67:slider
Line 70:published
Line 71:first
Line 72:slide
Line 73:description
Line 51:thumbnail
Line 40:params
Line 52:ordering
Line 14:id
Line 70:published
Line 51:thumbnail
Line 51:thumbnail
Line 52:ordering
Line 67:sliderExecute arbitrary command on the web server (BCTK)`
This is just one example. There are different with the same plugin, but also issues with other plugins. The thing theyy have in common is that in this marked lines there is nothing at all. Sometimes it is an empty row, sometimes a comment row starting with # and sometimes a row with different code. Also the marked code for the lines isn’t available in the entire file.
What is going on here? I can’t check everything which Cerber has found. I need only results of real things. This I can check, everything else takes to much time (it happens often).
-
I have done so… as expected it just marking the plugin as verified. But why is Cerber finding things in files which are not there? Do I need to do this for each plugin now? This means after each plugin update I need to re-de so. It would be better if Cerber would only find real things.
- The topic ‘Scan results wrong’ is closed to new replies.
