in db:information_schema.triggers.sales_flat_order
mage-storage.pw
Scanned 155 rows in 6 tables, using the database from /data/web/magento2/app/etc/local.xml.
Check — Magento 1 Insecure extensions
Checking your installed extensions for known insecure versions.
Vulnerability found: VladimirPopov_WebForms
in module:/data/web/magento2/app/code/community/VladimirPopov/WebForms
Remove or upgrade to 2.8.0.
NB. Even if modules are renamed or disabled, they may still pose a threat to your system. It is recommended to always upgrade or remove vulnerable code completely.
Check — Suspect server background process
Checking for suspect and malicious processes that run in the background of your server.
Process '[stealth]', ran from '/tmp/2.25' is likely malicious.
Scanned all accessible server processes.
Check — Malware in scheduled server tasks
Checking for malware that is periodically launched in the background of your server (cronjob).
Malware found: crontab_malware_61925
in crontab:app
/bin/bash -c "base64 --decode <<<
Scanned all accessible scheduled cron tasks.
Generated by eComscan, the most effective malware and
vulnerability monitor for online
stores, scanning over 1M stores daily.
Require assistance with a security situation? Contact us at [email protected] for a root
cause analysis.
eComscan version 1.4.20, running non-interactive
Command line: ecomscan magento2
This report is based on the most recent and extensive threat intelligence. However, Sansec BV
provides this information "as is" without warranty of any kind, express or implied, including but not
limited to the warranties of merchantability, fitness for a particular purpose, correctness and
completeness.