Warning - Hacking attempts through vulnerabilities in modules bamegamenu cartabandonmentpro explorerpro cdesigner jmsslider apmarketplace vs 1.0

[sitte]

I would like to report an attack vector I have had the unpleasantness of encountering. There was a hack on one of the sites. After analysing the logs, it was found that during the attack, an attempt was made to attack the following files:

"POST /modules/bamegamenu/ajax_phpcode.php HTTP/1.1"
"GET /modules/cartabandonmentpro/views/js/fileman/php/movefile.php HTTP/1.1"
"GET /modules/explorerpro/action.php HTTP/1.1"
"GET /modules/cdesigner/views/js/cdesigner.js HTTP/1.1"
"GET /modules/jmsslider/views/js/jquery.fractionslider.js HTTP/1.1"
"GET /modules/apmarketplace/ajax.php HTTP/1.1"

Modules:
bamegamenu
cartabandonmentpro
explorerpro
cdesigner
jmsslider
apmarketplace vs 1.0

Check/update if you use any of these modules

Edited June 14, 2023 by sitte
format (see edit history)

[ComGrafPL]

Thanks for the notice. Keep it safe.

[endriu107]

Those modules voulnerabilities are knowed for some time. If you want to be up to date you should follow this page https://www.cvedetails.com/vulnerability-list/vendor_id-8950/product_id-15797/Prestashop-Prestashop.html or this topic on forum: 

 

[PrestaHeroes USA]

To monitor and report on file system changes please consider our paid solution written originally for 1.4.

Get alerts when file system changes, commit trusted change to vault or restore untrusted change from vault.

https://prestaheroes.com/collections/all-modules/products/prestavault-malware-trojan-virus-protection?variant=40653346603215