{"id":15145675,"url":"https://github.com/mathiasreker/blmvuln","last_synced_at":"2025-07-01T02:37:27.530Z","repository":{"id":49349940,"uuid":"517444481","full_name":"MathiasReker/blmvuln","owner":"MathiasReker","description":"Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101","archived":false,"fork":false,"pushed_at":"2022-08-01T09:12:50.000Z","size":420,"stargazers_count":41,"open_issues_count":2,"forks_count":6,"subscribers_count":10,"default_branch":"develop","last_synced_at":"2025-01-30T21:42:25.172Z","etag":null,"topics":["cve-2022-31101","free","module","php","prestashop"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MathiasReker.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"github":["MathiasReker"]}},"created_at":"2022-07-24T21:50:13.000Z","updated_at":"2024-11-23T02:11:54.000Z","dependencies_parsed_at":"2022-08-27T09:41:29.848Z","dependency_job_id":null,"html_url":"https://github.com/MathiasReker/blmvuln","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MathiasReker%2Fblmvuln","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MathiasReker%2Fblmvuln/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MathiasReker%2Fblmvuln/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MathiasReker%2Fblmvuln/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MathiasReker","download_url":"https://codeload.github.com/MathiasReker/blmvuln/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237896619,"owners_count":19383554,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve-2022-31101","free","module","php","prestashop"],"created_at":"2024-09-26T11:41:40.422Z","updated_at":"2025-02-09T02:31:39.565Z","avatar_url":"https://github.com/MathiasReker.png","language":"PHP","funding_links":["https://github.com/sponsors/MathiasReker"],"categories":[],"sub_categories":[],"readme":"\u003cdiv id=\"top\"\u003e\u003c/div\u003e\n\n[![Contributors][contributors-shield]][contributors-url]\n[![Forks][forks-shield]][forks-url]\n[![Stargazers][stars-shield]][stars-url]\n[![Issues][issues-shield]][issues-url]\n[![MIT License][license-shield]][license-url]\n\n\u003cdiv align=\"center\"\u003e\n\u003ch3\u003eFix Major Security Vulnerability on PrestaShop Websites :rocket:\u003c/h3\u003e\n  \u003cp\u003e\n    CVE-2022-31101 detector and fixer!\n  \u003c/p\u003e\n\u003c/div\u003e\n\n## A newly found exploit could allow remote attackers to take control of your shop\n\nRead more about the vulnerability\nhere: [https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/](https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/).\n\n![](https://user-images.githubusercontent.com/26626066/181037865-042d2b97-385e-4c90-9560-859a7639082d.png)\n\n### Fix the backdoor\n\nThe module will make a security fix that strengthens the MySQL Smarty cache storage against code injection attacks.\n\nRun this module on your shop to close the security issue.\n\n### Remove the malware\n\nMany who have been hacked through this vulnerability have found that their payment gateway has been replaced with a fake\none.\nIf you are a victim of this attack, the module can probably recover your shop.\n\nRun this module on your shop to recover from the attack.\n\n### How does the module work?\n\nThe module scans the files of your shop based on a pattern. This pattern is designed to find vulnerabilities and\ninfected files known from the security issue.\n\nThe module will solve the problems automatically or tell you how to solve them manually.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Install the module\n\n1. Download the latest version of the module: https://github.com/MathiasReker/blmvuln/releases/latest\n\n2. Login into your shop's back office\n\n3. Go to \"Module Manager\"\n\n4. Click on \"Upload a Module\"\n\n5. Upload and install the module\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Usage\n\n1. Open the module and click \"Run the cleaning process\".\n\n2. After running the cleaning process, you can uninstall the module.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Compatibility\n\n- [x] PrestaShop 1.6.1+\n- [x] thirty bees 1.0.0+\n- [x] PHP 7.0+\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Roadmap\n\nSee the [open issues](https://github.com/MathiasReker/blmvuln/issues) for a complete list of proposed features (and\nknown\nissues).\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## Contributing\n\nIf you have a suggestion to improve this, please fork the repo and create a pull request. You can also open an issue\nwith the tag \"enhancement\". Finally, don't forget to give the project a star! Thanks again!\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n## License\n\nIt is distributed under the MIT License. See `LICENSE` for more information.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n[contributors-shield]: https://img.shields.io/github/contributors/MathiasReker/blmvuln.svg\n\n[contributors-url]: https://github.com/MathiasReker/blmvuln/graphs/contributors\n\n[forks-shield]: https://img.shields.io/github/forks/MathiasReker/blmvuln.svg\n\n[forks-url]: https://github.com/MathiasReker/blmvuln/network/members\n\n[stars-shield]: https://img.shields.io/github/stars/MathiasReker/blmvuln.svg\n\n[stars-url]: https://github.com/MathiasReker/blmvuln/stargazers\n\n[issues-shield]: https://img.shields.io/github/issues/MathiasReker/blmvuln.svg\n\n[issues-url]: https://github.com/MathiasReker/blmvuln/issues\n\n[license-shield]: https://img.shields.io/github/license/MathiasReker/blmvuln.svg\n\n[license-url]: https://github.com/MathiasReker/blmvuln/blob/develop/LICENSE.txt\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmathiasreker%2Fblmvuln","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmathiasreker%2Fblmvuln","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmathiasreker%2Fblmvuln/lists"}