GeneralInformation

Hostnames	deltasecurity.ba
Domains	deltasecurity.ba
Country	United States
City	San Francisco
Organization	Cloudflare, Inc.
ISP	Cloudflare, Inc.
ASN	AS13335

WebTechnologies

Analytics

Google Analytics

Blogs

WordPress

CDN

Google Hosted Libraries

Cloudflare

CMS

WordPress

Databases

MySQL

Ecommerce

WooCommerce4.2.0

Abicart

Form builders

Contact Form 75.1.9

JavaScript frameworks

WOW1.0.1

JavaScript graphics

WOW1.0.1

JavaScript libraries

Mixitup

Miscellaneous

HTTP/3

Photo galleries

Slider Revolution5.4.8.3

Programming languages

PHP

Security

reCAPTCHA

Tag managers

Google Tag Manager

UI frameworks

Bootstrap

Web frameworks

WOW1.0.1

Widgets

Slider Revolution5.4.8.3

WordPress plugins

WooCommerce4.2.0

Contact Form 75.1.9

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(3)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

CVE-2024-9944

5.3The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. This is due to the plugin not properly neutralizing HTML elements from submitted order forms. This makes it possible for unauthenticated attackers to inject arbitrary HTML that will render when the administrator views order form submissions.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

2023(1)

CVE-2023-52222

4.3Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.

2022(3)

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

CVE-2022-2099

4.8The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles

CVE-2022-0775

4.3The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment

2021(2)

CVE-2021-32790

4.9Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing API. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search` parameter information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of Woocommerce with a patch for this vulnerability. There are no known workarounds other than upgrading.

CVE-2021-24323

4.8When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfiltered_html is disabled

2020(4)

CVE-2020-29156

5.3The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-7656

6.1jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-6708

6.1jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

2007(1)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443 2052 2082 2083 2086 2087 2096 8080 8443 8880

80 / tcp

-611725504 | 2025-03-19T21:48:57.152498

Hashes

hash

-37838372

http.dom_hash

1341576223

http.html_hash

-611725504

http.server_hash

958142897

http.title_hash

-370455168

Dotname

HTTP/1.1 200 OK
Date: Wed, 19 Mar 2025 21:48:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9No2gEWCE%2BscJ6Ui4wD5HPry9sidnyid2EwsV1CQlOq73Ii7WfvyEXQTWsazcrWpg0IS2gDm8tpiHUVkgQn6c0E0MMfpMV5uRxgmwaerHiEwQQFxe9S1w6uiNRZbiPaUuUm1Dqz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 92302d45386dcfe9-SJC
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1276&min_rtt=1276&rtt_var=638&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=259&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

Vulnerabilities

443 / tcp

-1581672382 | 2025-03-21T12:22:45.586141

Hashes

hash

1296287597

http.dom_hash

-1411700545

http.favicon.hash

-351997356

http.html_hash

-1581672382

http.server_hash

958142897

Delta security d.o.o. – Agencija za zaštitu ljudi i imovine

HTTP/1.1 200 OK
Date: Fri, 21 Mar 2025 12:22:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
X-Powered-By: PHP/7.4.33
X-Powered-By: PleskLin
Link: <https://deltasecurity.ba/wp-json/>; rel="https://api.w.org/", <https://deltasecurity.ba/>; rel=shortlink
Vary: Accept-Encoding
Cf-Cache-Status: DYNAMIC
CF-RAY: 923d6a9b3a05eb2f-DFW
alt-svc: h3=":443"; ma=86400

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b9:07:78:12:3d:61:50:4f:11:a9:58:d3:d9:4e:52:43
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=US, O=Google Trust Services, CN=WE1
        Validity
            Not Before: Feb 18 14:51:31 2025 GMT
            Not After : May 19 15:50:11 2025 GMT
        Subject: CN=deltasecurity.ba
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:b4:2a:0c:80:64:e6:38:ce:60:45:49:ec:e1:a3:
                    cf:36:a3:3a:c7:ef:b2:85:dd:2f:2d:00:2f:22:54:
                    6c:7c:13:50:48:c1:8f:b5:d5:ad:c0:0d:75:69:1e:
                    95:e7:56:55:c2:16:c6:54:6a:f4:02:5a:ef:c4:71:
                    66:21:40:35:78
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6A:7F:9E:B2:35:50:1A:1A:88:B8:64:E0:6C:40:08:06:8A:A5:F0:F6
            X509v3 Authority Key Identifier: 
                90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38
            Authority Information Access: 
                OCSP - URI:http://o.pki.goog/s/we1/uQc
                CA Issuers - URI:http://i.pki.goog/we1.crt
            X509v3 Subject Alternative Name: 
                DNS:deltasecurity.ba, DNS:*.deltasecurity.ba
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://c.pki.goog/we1/OuqGbJkzwhU.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 18 15:51:31.916 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:57:29:B7:4C:83:44:DA:91:50:F0:85:F9:
                                C2:15:63:0C:BE:35:7A:00:C0:65:2F:A6:5C:CB:77:3B:
                                1D:C1:D2:32:02:21:00:D9:EE:BA:03:DF:D4:87:BC:EC:
                                6D:A2:1A:CD:DE:69:B2:36:B1:F2:2B:9A:5F:28:31:E2:
                                D1:09:95:8B:63:B4:66
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb 18 15:51:31.931 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:0E:DF:42:6F:AA:EC:8C:A5:DB:BF:
                                1C:CD:83:1F:0A:E1:91:7E:A1:1A:AB:26:EA:4E:19:85:
                                E2:A3:63:3D:5D:02:21:00:E2:F1:01:CB:CC:8C:1B:62:
                                B4:04:09:2B:52:4D:95:60:5C:91:E6:B0:36:32:54:FD:
                                63:6B:9C:88:31:9A:85:73
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:44:02:20:4e:26:e1:23:32:95:49:b4:58:37:2d:0e:0f:21:
        77:02:1a:07:61:92:b2:13:4a:57:5b:9c:7b:d4:32:64:b7:11:
        02:20:04:6c:01:ac:b5:9f:3f:30:11:69:71:83:d2:5e:d4:bf:
        6b:7c:12:0a:98:db:1d:02:c8:d0:92:97:95:df:d9:9a

400 The plain HTTP request was sent to HTTPS port

HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Fri, 21 Feb 2025 19:05:57 GMT
Content-Type: text/html
Content-Length: 655
Connection: close
CF-RAY: -

8880 / tcp

-732505535 | 2025-03-11T18:32:15.909824

HTTP/1.1 403 Forbidden
Date: Tue, 11 Mar 2025 18:32:15 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: cloudflare
CF-RAY: 91ed222b6c082e66-DFW

error code: 1003

172.67.139.37

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-611725504 | 2025-03-19T21:48:57.152498

Hashes

443 / tcp

-1581672382 | 2025-03-21T12:22:45.586141

Hashes

2052 / tcp

1332926938 | 2025-03-05T22:28:01.776008

Hashes

2082 / tcp

744975300 | 2025-03-19T10:44:41.914268

Hashes

2083 / tcp

141477257 | 2025-03-21T10:21:18.325058

Hashes

2086 / tcp

1033505528 | 2025-03-04T13:47:31.668154

Hashes

2087 / tcp

141477257 | 2025-02-20T01:43:19.128406

Hashes

2096 / tcp

141477257 | 2025-03-17T17:22:31.436792

Hashes

8080 / tcp

-587986871 | 2025-02-28T10:12:13.323944

Hashes

CloudFlare

8443 / tcp

141477257 | 2025-02-21T19:06:04.351205

Hashes

CloudFlare

8880 / tcp

-732505535 | 2025-03-11T18:32:15.909824

Products

Pricing

Contact Us

172.67.139.37

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp -611725504 | 2025-03-19T21:48:57.152498

Hashes

443 / tcp -1581672382 | 2025-03-21T12:22:45.586141

Hashes

2052 / tcp 1332926938 | 2025-03-05T22:28:01.776008

Hashes

2082 / tcp 744975300 | 2025-03-19T10:44:41.914268

Hashes

2083 / tcp 141477257 | 2025-03-21T10:21:18.325058

Hashes

2086 / tcp 1033505528 | 2025-03-04T13:47:31.668154

Hashes

2087 / tcp 141477257 | 2025-02-20T01:43:19.128406

Hashes

2096 / tcp 141477257 | 2025-03-17T17:22:31.436792

Hashes

8080 / tcp -587986871 | 2025-02-28T10:12:13.323944

Hashes

CloudFlare

8443 / tcp 141477257 | 2025-02-21T19:06:04.351205

Hashes

CloudFlare

8880 / tcp -732505535 | 2025-03-11T18:32:15.909824

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-611725504 | 2025-03-19T21:48:57.152498

443 / tcp

-1581672382 | 2025-03-21T12:22:45.586141

2052 / tcp

1332926938 | 2025-03-05T22:28:01.776008

2082 / tcp

744975300 | 2025-03-19T10:44:41.914268

2083 / tcp

141477257 | 2025-03-21T10:21:18.325058

2086 / tcp

1033505528 | 2025-03-04T13:47:31.668154

2087 / tcp

141477257 | 2025-02-20T01:43:19.128406

2096 / tcp

141477257 | 2025-03-17T17:22:31.436792

8080 / tcp

-587986871 | 2025-02-28T10:12:13.323944

8443 / tcp

141477257 | 2025-02-21T19:06:04.351205

8880 / tcp

-732505535 | 2025-03-11T18:32:15.909824