- today
- label Tutorials
- favorite 0 likes
- remove_red_eye 5982 views
Recently, there have been several attacks caused by a security flaw in few Prestashop modules. Here is the list:
- /modules/explorerpro/action.php
- /modules/sampledatainstall/sampledatainstall-ajax.php
- /modules/colorpictures/ajax/upload.php
I recommend avoiding these modules or check with their author if they can provide security fix.
The following core files are usually modified:
- controllers / admin / AdminLoginController.php
- classes / Customer.php
- classes / Employee.php
- controllers / front / AuthController.php
The modification cause that password of the user account is sent away via Telegram API.