Shop system: Attackers copy credit card data from PrestaShop websites

The PrestaShop shop system is vulnerable and attackers are currently successfully exploiting a security gap to record credit card data, for example. Updating the system will fix it.

In an article, the PrestaShop developers warn of the attacks that are currently taking place. According to them, attackers use an SQL injection vulnerability to execute their own commands in shops to gain control. According to them, stores starting with PrestaShop are vulnerable. the Versions from should be secured against attacks. They also point out that the Wishlist module is vulnerable in releases 2.0.0~2.1.0.

Shop operators should therefore ensure that not only the shop software but also all modules are up to date. In the warning message, the developers explain how to recognize shops that have already been compromised. The article does not state which CVE number the vulnerability has and what level of threat it poses.


To home page

Tumbling graphics card prices: Nvidia's high-end GeForces are becoming cheaper Previous post Tumbling graphics card prices: Nvidia’s high-end GeForces are becoming cheaper
iX intensive workshop: Become a Linux server admin in five days Next post iX Workshop: Hardening Linux Servers | hot online