Fix Major Security Vulnerability on PrestaShop Websites 🚀

CVE-2022-31101 detector and fixer!

A newly found exploit could allow remote attackers to take control of your shop

Read more about the vulnerability here: https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/.

Fix the backdoor

The module will make a security fix that strengthens the MySQL Smarty cache storage against code injection attacks.

Run this module on your shop to close the security issue.

Remove the malware

Many who have been hacked through this vulnerability have found that their payment gateway has been replaced with a fake one. If you are a victim of this attack, the module can probably recover your shop.

Run this module on your shop to recover from the attack.

How does the module work?

The module scans the files of your shop based on a pattern. This pattern is designed to find vulnerabilities and infected files known from the security issue.

The module will solve the problems automatically or tell you how to solve them manually.

(back to top)

Install the module

1. Download the latest version of the module: https://github.com/MathiasReker/blmvuln/releases/latest

2. Login into your shop's back office

3. Go to "Module Manager"

4. Click on "Upload a Module"

5. Upload and install the module

(back to top)

Usage

1. Open the module and click "Run the cleaning process".

2. After running the cleaning process, you can uninstall the module.

(back to top)

Compatibility

• PrestaShop 1.6.1+
• thirty bees 1.0.0+
• PHP 7.0+

(back to top)

Roadmap

See the open issues for a complete list of proposed features (and known issues).

(back to top)

Contributing

If you have a suggestion to improve this, please fork the repo and create a pull request. You can also open an issue with the tag "enhancement". Finally, don't forget to give the project a star! Thanks again!

(back to top)

License

It is distributed under the MIT License. See LICENSE for more information.

(back to top)