Prescol Posted June 14, 2022 Share Posted June 14, 2022 This malware now has the ability to infect those sites using Orderfiles module from MyPresta. At least, with older versions (my customer does not have an updated version). An attacker can upload a php file directly Php execution is not controlled under the upload folder. This can be easily prevented using a simple htaccess rule in the folders containing uploaded files: php_flag engine off 3 Link to comment Share on other sites More sharing options...
okom3pom Posted June 14, 2022 Share Posted June 14, 2022 Thank you for report ❤️ Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now