Recently, there have been several attacks caused by a security flaw in few Prestashop modules. Here is the list:

  • /modules/explorerpro/action.php
  • /modules/sampledatainstall/sampledatainstall-ajax.php
  • /modules/colorpictures/ajax/upload.php

I recommend avoiding these modules or check with their author if they can provide security fix.

The following core files are usually modified:

  • controllers / admin / AdminLoginController.php
  • classes / Customer.php
  • classes / Employee.php
  • controllers / front / AuthController.php

The modification cause that password of the user account is sent away via Telegram API.


This website uses cookies to enable it to perform properly. Details of the cookies and instructions on how to disable them can be found in the cookie policy. By using this website, you agree to our use of cookies.