Nous utilisons des cookies pour améliorer votre expérience de visite de notre site Web. Pour plus d'informations, Cliquez ici.
Mentions légales
×

Vue d'ensemble de la vie privée

Ce site utilise des cookies afin que nous puissions vous fournir la meilleure expérience utilisateur possible. Les informations sur les cookies sont stockées dans votre navigateur et remplissent des fonctions telles que vous reconnaître lorsque vous revenez sur notre site Web et aider notre équipe à comprendre les sections du site que vous trouvez les plus intéressantes et utiles.

Vous pouvez régler tous vos paramètres de cookies en naviguant sur les onglets sur le côté gauche.

Nom du cookieAcceptez
GDPR PRO - Règlement sur la protection des données générales - tout en 1 Ce module aide le site adevenir conforme à la norme RGPD en ajoutant les fonctionnalités conformes à la loi.
unknown

PrestaShop Security Issue flag JE corrige pour vous / I fix it for you

tout servces prestashop

Bienvenue chez le spécialiste des interventions sur Prestashop.
Web2007 est à votre entière disposition pour TOUS vos besoins sur Prestashop.

Vous avez recu cet email ? PrestaShop Security Issue flag

Je peux corriger ceci pour vous, je suis disponible.
Je suis développeur freelance.
Voici le message que vous avez recu :

"In order to maintain the quality of our services, we inform you that a security vulnerability has been identified. This vulnerability is likely to affect stores that have not carried out the latest recommended software updates. In case you are affected, we invite you to take note of the details of this vulnerability in order to fix it as soon as possible and take the necessary measures that you or your Data Protection Officer may deem necessary...... On July 19, 2022, at 2:00 pm, several members of the PrestaShop ecosystem notified PrestaShop employees of security incidents. A few hours later, it was confirmed by PrestaShop's technical teams that a malicious code ("payload") was inserted by a malicious third party on several e-commerce stores. The same day at 10:00 pm, PrestaShop technical teams were able to understand and reproduce the attack and could confirm the existence of the security flaw that would allow a malicious third party to insert malicious code into the scripts of e-commerce stores hosted by the PrestaShop company and created with its solution. The insertion of this malicious code, likely to allow this (these) third party (ies) to take control of the sites concerned seems to have been made possible by an "SQL injection", coupled with a security flaw found in the operators of these stores who have not performed the latest software updates recommended by the company PrestaShop. On the morning of July 20, 2022, a report was written by the members of the crisis unit to describe the cyber attack, its causes and consequences identified, as well as the resolution and communication measures to be implemented. .... To do so, locate the file config/smarty.config.inc.php on your PrestaShop install, and remove lines 43-46 (PrestaShop 1.7) or 40-43 (PrestaShop 1.6): if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') { include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php'; $smarty->caching_type = 'mysql'; } Consider looking at your server’s access log for the attack pattern explained above. This is an example shared by a community member: - [14/Jul/2022:16:20:56 +0200] "POST /modules/XXX/XXX.php HTTP/1.1" 200 82772 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/602.2.14 (KHTML, like Gecko) Version/10.0.1 Safari/602.2.14" - [14/Jul/2022:16:20:57 +0200] "GET / HTTP/1.1" 200 63011 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" - [14/Jul/2022:16:20:58 +0200] "POST /blm.php HTTP/1.1" 200 82696 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" "
Intégrateur Prestashop, Devis projet Prestashop, Creation boutique en ligne Prestashop, Consultant Prestashop, Webmaster Prestashop

web2007 comment nous joindre

plus de 15 ans expérience

web2007 visio conférence

avantages collaborer web2007

nos moyens de paiements accesptés chez web2007