You found the PHPUnit folder in your store. This comprehensive PrestaShop Security Guide will prove to be extremely helpful in achieving this. However, you can still go a little extra and secure your PrestaShop Store with proper security measures. PrestaShop Store hacked? Get immediate malware cleanup! Case 2: PHPUnit folder is not there That is, Search, Find & Delete PHPUnit folder in all your PrestaShop modules. Now repeat this process from the start will all your modules. In fact, it will reduce your risk of getting infected with the XsamXadoo malware, whatsoever. Deleting the PHPUnit folder will not hinder the workings of your website. Now two cases may arise: Case 1: PHPUnit folder is there Navigate to the /vendor folder in your website’s root directory.
Access your site via an FTP client like Filezilla.How to check if you are vulnerable?Ĭhecking your store for risk is easy. Further, the folder – ‘ /vendor‘, which houses the vulnerable file, has become ground zero of the attack. People on PHPUnit versions prior to 4.8.28 as well as those using versions 5.x prior to 5.6.3 are mostly at risk.Īn attacker is able to execute arbitrary PHP code on your website due to this vulnerability. According to what has been reported of the vulnerability, it affects file “ Util/PHP/eval-stdin.php” in the PHPUnit folder. The vulnerability in the PHP tool PHPUnit is identified as CVE-2017-9841. Dissection of the PrestaShop vulnerability If you are hacked, get immediate malware cleanup with Astra right now. Moreover, we will also discuss the steps to take to check the vulnerability in your stores. You will find more details of the vulnerability as you read on. Several PrestaShop store owners have already been comprised by this malware.įrom what we came to know of, this malware exploits known vulnerabilities in PHP tool – PHPUnit, which is present in several of the PrestaShop modules. Hackers are, allegedly, using this malware to gain access to your PrestaShop Store.
0 kommentar(er)
