Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mathiasreker/blmvuln

Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101
https://github.com/mathiasreker/blmvuln

cve-2022-31101 free module php prestashop

Last synced: 4 months ago
JSON representation

Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101

Awesome Lists containing this project

README 

        



[![Contributors][contributors-shield]][contributors-url]

[![Forks][forks-shield]][forks-url]

[![Stargazers][stars-shield]][stars-url]

[![Issues][issues-shield]][issues-url]

[![MIT License][license-shield]][license-url]





Fix Major Security Vulnerability on PrestaShop Websites :rocket:


  


    CVE-2022-31101 detector and fixer!

  





## A newly found exploit could allow remote attackers to take control of your shop



Read more about the vulnerability

here: [https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/](https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/).



![](https://user-images.githubusercontent.com/26626066/181037865-042d2b97-385e-4c90-9560-859a7639082d.png)



### Fix the backdoor



The module will make a security fix that strengthens the MySQL Smarty cache storage against code injection attacks.



Run this module on your shop to close the security issue.



### Remove the malware



Many who have been hacked through this vulnerability have found that their payment gateway has been replaced with a fake

one.

If you are a victim of this attack, the module can probably recover your shop.



Run this module on your shop to recover from the attack.



### How does the module work?



The module scans the files of your shop based on a pattern. This pattern is designed to find vulnerabilities and

infected files known from the security issue.



The module will solve the problems automatically or tell you how to solve them manually.



(back to top)



## Install the module



1. Download the latest version of the module: https://github.com/MathiasReker/blmvuln/releases/latest



2. Login into your shop's back office



3. Go to "Module Manager"



4. Click on "Upload a Module"



5. Upload and install the module



(back to top)



## Usage



1. Open the module and click "Run the cleaning process".



2. After running the cleaning process, you can uninstall the module.



(back to top)



## Compatibility



- [x] PrestaShop 1.6.1+

- [x] thirty bees 1.0.0+

- [x] PHP 7.0+



(back to top)



## Roadmap



See the [open issues](https://github.com/MathiasReker/blmvuln/issues) for a complete list of proposed features (and

known

issues).



(back to top)



## Contributing



If you have a suggestion to improve this, please fork the repo and create a pull request. You can also open an issue

with the tag "enhancement". Finally, don't forget to give the project a star! Thanks again!



(back to top)



## License



It is distributed under the MIT License. See `LICENSE` for more information.



(back to top)



[contributors-shield]: https://img.shields.io/github/contributors/MathiasReker/blmvuln.svg



[contributors-url]: https://github.com/MathiasReker/blmvuln/graphs/contributors



[forks-shield]: https://img.shields.io/github/forks/MathiasReker/blmvuln.svg



[forks-url]: https://github.com/MathiasReker/blmvuln/network/members



[stars-shield]: https://img.shields.io/github/stars/MathiasReker/blmvuln.svg



[stars-url]: https://github.com/MathiasReker/blmvuln/stargazers



[issues-shield]: https://img.shields.io/github/issues/MathiasReker/blmvuln.svg



[issues-url]: https://github.com/MathiasReker/blmvuln/issues



[license-shield]: https://img.shields.io/github/license/MathiasReker/blmvuln.svg



[license-url]: https://github.com/MathiasReker/blmvuln/blob/develop/LICENSE.txt