Hackers exploited PrestaShop zero-day to breach online stores (Security News, July 2022)

Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
The PrestaShop team issued an urgent warning last Friday, urging the admins of 300,000 shops using its software to review their security stance after cyberattacks were discovered targeting the platform.
The attack appears to impact PrestaShop versions 1.6.0.10 or later and versions 1.7.8.2 or later if they run modules vulnerable to SQL injection, such as the Wishlist 2.0.0 to 2.1.0 module.
"We believe attackers are targeting shops using outdated software or modules, vulnerable third-party modules, or a yet-to-be-discovered vulnerability," explains the PrestaShop security advisory.
To conduct the attack, hackers send a POST request to a vulnerable endpoint, followed by a parameter-less GET request to the homepage, which creates a "Blm.php" file at the root directory.
To remediate, upgrade all modules in use to the latest available version and apply the PrestaShop security update released today, version 1.7.8.7.
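For shop admins reviewing their logs, the sketch below is an added example (not code from PrestaShop or from the article) that scans web-server access logs for the sequence described above: a POST followed shortly by a parameter-less GET to the homepage from the same client, plus any request for "Blm.php" at the web root. The combined log format, the 10-second window, the placeholder endpoint path and the sample lines are all assumptions.

```python
import re
from datetime import datetime, timedelta

# Apache/Nginx "combined" access-log layout (assumed; adjust for your server).
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
WINDOW = timedelta(seconds=10)  # assumed gap between the POST and the follow-up GET


def scan(lines, window=WINDOW):
    """Return (kind, ip, timestamp, detail) findings for the pattern in the article."""
    findings, last_post = [], {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, method, target = m["ip"], m["method"], m["target"]
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        path = target.split("?", 1)[0]
        # Any request for the dropped file name deserves review, whatever the status.
        if path.lower() == "/blm.php":
            findings.append(("blm_access", ip, ts, f"{method} {target} -> {m['status']}"))
        elif method == "POST":
            last_post[ip] = (ts, target)
        elif method == "GET" and target == "/" and ip in last_post:
            # Parameter-less homepage GET: compare with this client's last POST.
            post_ts, post_target = last_post.pop(ip)
            if timedelta(0) <= ts - post_ts <= window:
                findings.append(("post_then_bare_get", ip, ts, f"POST {post_target}"))
    return findings


# Constructed sample log lines (documentation IP ranges, placeholder endpoint).
SAMPLE = [
    '198.51.100.7 - - [22/Jul/2022:10:00:01 +0000] "POST /module/placeholder/endpoint HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [22/Jul/2022:10:00:02 +0000] "GET / HTTP/1.1" 200 9041 "-" "-"',
    '198.51.100.7 - - [22/Jul/2022:10:00:05 +0000] "GET /blm.php HTTP/1.1" 200 31 "-" "-"',
    '192.0.2.10 - - [22/Jul/2022:10:01:00 +0000] "POST /login HTTP/1.1" 302 0 "-" "-"',
    '192.0.2.10 - - [22/Jul/2022:10:01:01 +0000] "GET /?controller=my-account HTTP/1.1" 200 7000 "-" "-"',
    '203.0.113.5 - - [22/Jul/2022:10:02:00 +0000] "GET / HTTP/1.1" 200 9041 "-" "-"',
    '192.0.2.10 - - [22/Jul/2022:10:05:00 +0000] "GET / HTTP/1.1" 200 9041 "-" "-"',
]

if __name__ == "__main__":
    for kind, ip, ts, detail in scan(SAMPLE):
        print(kind, ip, ts.isoformat(), detail)
```

The POST-then-GET rule also matches ordinary visitors who submit a form and then return to the homepage, so treat those hits as leads to correlate with the "Blm.php" findings and a file-system check of the shop root.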