Check version in PS hacking problem

[c64girl]

Dont know why this site prestavc . com is able to tell my PS version? Is that a PS bug or template bug?

[Nickz]

7 hours ago, c64girl said:

Dont know why this site prestavc . com is able to tell my PS version? Is that a PS bug or template bug?

Most likely in your source code or another scrapable data gives away your version. 

[c64girl]

16 hours ago, Nickz said:

Most likely in your source code or another scrapable data gives away your version. 

Ok have it block those files from public:

 

37.139.x.x - - [30/Dec/2021:08:22:58 +0100] "GET /docs/readme_en.txt HTTP/1.0" 403 365 "-" "-"

37.139.x.x - - [30/Dec/2021:08:22:58 +0100] "GET /js/admin.js HTTP/1.0" 200 53999 "-" "-"

37.139.x.x - - [30/Dec/2021:08:22:58 +0100] "GET / HTTP/1.0" 301 331 "-" "-"

37.139.x.x- - [30/Dec/2021:08:22:59 +0100] "GET / HTTP/1.0" 200 192859 "-" "-"

 

Those files have "2007-2018 PrestaShop" or "2007-2019 PrestaShop" thats why this site know the main version like 1.7.5 or 1.7.6 thats whay it not show 1.7.6.X last number.

 

Prestashop need to fix it its very dengerous to people that have versions before 1.7.6.6 because there is an exploit that can bypass the auth admin login.

Edited December 30, 2021 by c64girl (see edit history)

[Nickz]

11 hours ago, c64girl said:

because there is an exploit that can bypass the auth admin login.

Relax not every hacker is 5 Star super star and capable. Most read over an exploit and believe it sooo easy. Similar to the attitude of Prestashop newbies