v1.6-v1.7 INFO - Prestashop Security v 1.6, 1.7

Sergiy

New member
XNullUser
Joined
Jun 14, 2021
Messages
19
Reaction score
1
Points
3
NullCash
5

Major Security Vulnerability On PrestaShop Websites​

A NEWLY FOUND EXPLOIT COULD ALLOW REMOTE ATTACKERS TO TAKE CONTROL OF YOUR SHOP.​

Written by
PrestaShop team
More...

Manual elimination of the hole

Find the file config/smarty.config.inc.php in your PrestaShop installation and delete lines 43-46 (PrestaShop 1.7) or 40-43 (PrestaShop 1.6)

Code:
if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') {
    include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php';
    $smarty->caching_type = 'mysql';
}
 

d-shilko

Well-known member
☆☆ Special ☆☆
☆ Pro ☆
Joined
Jun 10, 2021
Messages
2,538
Reaction score
1,530
Points
113
NullCash
4,422

Major Security Vulnerability On PrestaShop Websites​

A NEWLY FOUND EXPLOIT COULD ALLOW REMOTE ATTACKERS TO TAKE CONTROL OF YOUR SHOP.​

Written by
PrestaShop team
More...

Manual elimination of the hole

Find the file config/smarty.config.inc.php in your PrestaShop installation and delete lines 43-46 (PrestaShop 1.7) or 40-43 (PrestaShop 1.6)

Code:
if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') {
    include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php';
    $smarty->caching_type = 'mysql';
}
Hi. This info should be placed in the Request thread.

Your solution is templory.
Here right solution. In another case, you have to update PS to v1.7.8.7
 

ShoppingO

New member
XNullUser
Joined
Jul 28, 2022
Messages
3
Reaction score
0
Points
1
NullCash
4
Your solution is templory but is OK thanks
 

Biju

New member
XNullUser
Joined
Jun 8, 2022
Messages
6
Reaction score
0
Points
1
NullCash
8
Thank you for your info. Is good to know
 
Top