Hackers have found a way to exploit a...
Hackers have found a way to exploit a security vulnerability to execute arbitrary code on servers running PrestaShop sites.
This service protects the store from this attack
Applies to Prestashop version 1.6 and 1.7
PrestaShop 1.5 1.6
Kupując teraz ten produkt otrzymasz 9 punktów lojalnościowych. Twój koszyk wyniesie 9 punktów może być zamienione na jeden bon o wartości 1.80 zł.
A NEWLY DETECTED EXPLOIT MAY ALLOW REMOTE ATTACKERS TO TAKE CONTROL OF YOUR STORE.
What's going on
It turns out that hackers use a combination of known and unknown vulnerabilities to inject malicious code into PrestaShop pages, allowing them to execute arbitrary instructions and potentially steal customer payment information.
While investigating this attack, a previously unknown chain of vulnerabilities was found. At the moment, however, you cannot be sure that this is the only way they can attack. This issue seems to affect stores based on version 220.127.116.11 or later, which are affected by SQL injection vulnerabilities. Versions 18.104.22.168 and later are not vulnerable unless they run a module or custom code that itself contains a SQL injection vulnerability. Note that versions 2.0.0~2.1.0 of the blockwishlist module are vulnerable.
How the attack works - READ THE ARTICLE
After purchasing this service, we will audit your store's files and secure your store against this attack.
To perform the service, we will need access to the store's files via FTP.
You can enter them directly in the fields at the bottom of this page or in the message when placing your order.
* - pola wymagane