Prestashop and the vulnerability of tool PHP PHPUnit

You can know if its store is vulnerable to an attack, this is what must do. Most recommendable he would be than he puts himself in touch with his administrator.

  1. In his servant, he looks for in the Selling folder in the level root of his PrestaShop website
  2. If the folder of the supplier contains a folder €œphpunit€, it can be vulnerable to an external attacker.
  3. Now €œphpunit€ can simply eliminate the folder and its content.

Once it has verified the main folder of PrestaShop, it repeats the same steps but within the folder of each module:

  1. In each folder of module, it verifies if there is a supplier folder.
  2. Within the Vendor folder of each module, it verifies if €œphpunit€ exists a called folder.
  3. If the folder of a module contains this folder €œphpunit€, this module can do vulnerable an external attacker to him.
  4. Simply €œphpunit€ can eliminate the folder.

It verifies that the folder €œVendor€ of each module does not contain a folder €œphpunit€.

This will not affect to the behavior of the modules. This simple step will protect its store online of this vulnerability, but it remembers that its website can be already it jeopardize.

†’ If it did not find any module that contains this folder phpunit, its store is not vulnerable.


Joint party:

< Previous Entrance

Galicia Exports Dixital

Following entrance >