To the best of our understanding, this issue seems to concern shops based on versions 1.6.0.10 or greater, subject to SQL injection vulnerabilities. At the moment, however, we cannot be sure that it’s the only way for them to perform the attack. While investigating this attack, we found a previously unknown vulnerability chain that we are fixing. The maintainer team has been made aware that malicious actors are exploiting a combination of known and unknown security vulnerabilities to inject malicious code in PrestaShop websites, allowing them to execute arbitrary instructions, and potentially steal customer’s payment information. For details, please read the entire article. ![]() ![]() Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |