PHPUnit is a testing framework for PHP, used for testing during PrestaShop development. It should not be distributed with modules, but in some cases it was (ZIP archives etc.). There is a known vulnerability in PHPUnit that allows an attacker to execute PHP code on your shop, read your database, and upload or modify files (install other malware etc.).

We recommend that you check the /modules/ directory of your shop and make sure that no module contains a "vendor/phpunit" directory. If you find one, you can simply delete it; the module will work the same way. For version 1.7, also check the /vendor/ folder in the root directory (/vendor/symfony/symfony/src/Symfony/Bridge/PhpUnit/ is OK - safe). The name of the problematic file is eval-stdin.php; if you find it anywhere, make sure to delete that folder.
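The check described above as a shell function, added here as an example and not part of the original advisory. `find_phpunit` only lists matches and deletes nothing; `make_sample_shop` builds a constructed test tree, and the module names `cleanmodule` and `oddmodule` in it are hypothetical.

```shell
# find_phpunit SHOP_ROOT
# Read-only listing, one path per line, of what the advisory asks you to look for:
#   - every "vendor/phpunit" directory under modules/ and under the root vendor/
#   - every eval-stdin.php that sits outside such a directory
# The match is case-sensitive and anchored on "vendor/phpunit", so
# vendor/symfony/symfony/src/Symfony/Bridge/PhpUnit is never reported as a
# directory hit (the advisory lists it as safe), while an eval-stdin.php
# placed anywhere, including there, would still be listed.
find_phpunit() (
    root="${1:?usage: find_phpunit SHOP_ROOT}"
    for d in "$root/modules" "$root/vendor"; do
        [ -d "$d" ] || continue        # 1.6 shops may have no root vendor/
        find "$d" \
            \( -type d -path '*/vendor/phpunit' -print -prune \) -o \
            \( -type f -name 'eval-stdin.php' -print \)
    done | sort
)

# Constructed sample tree for trying the function offline (not a real shop).
# Prints the path of the temporary directory it created.
make_sample_shop() (
    shop="$(mktemp -d)"
    mkdir -p "$shop/modules/autoupgrade/vendor/phpunit/phpunit/src/Util/PHP" \
             "$shop/modules/cleanmodule/vendor/other" \
             "$shop/modules/oddmodule/lib" \
             "$shop/vendor/symfony/symfony/src/Symfony/Bridge/PhpUnit"
    : > "$shop/modules/autoupgrade/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"
    : > "$shop/modules/oddmodule/lib/eval-stdin.php"   # stray copy outside vendor/
    printf '%s\n' "$shop"
)
```

Run it as `find_phpunit /path/to/shop` and review each reported path before deleting the folder by hand.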

Common modules that may include this library are:
- autoupgrade
- ps_facetedsearch
- gamification

Deleting the phpunit folders doesn't solve the case when the shop was already compromised by malware.
