A critical vulnerability has been detected in the “Facebook” module (pkfacebook) from Promokit.eu for PrestaShop, posing a significant risk to website owners and their customers. The vulnerability, known as CVE-2024-36680, enables malicious guests to execute SQL injection attacks on affected module versions, potentially leading to unauthorized access to the PrestaShop database.

The root of the vulnerability lies in the Ajax script, which contains a susceptible SQL call that can be easily triggered with a simple HTTP request. This loophole allows attackers to launch SQL injection attacks and gain control over the targeted database. It is crucial for website owners using the pkfacebook module to address this issue promptly to prevent potential data breaches and unauthorized access.

Promokit.eu, the author of the module, admitted that the specific versions impacted by this vulnerability are unclear, as it was introduced long ago. Despite this acknowledgment, the author has not provided an updated version to allow security researchers to verify if the problem has been completely resolved. This lack of transparency raises concerns about the extent of the vulnerability and underscores the urgency for website owners to take action.

The exploitation of this vulnerability by malicious actors is particularly troubling, as they are actively deploying webskimmers to steal sensitive credit card information from unsuspecting customers. This malicious activity underscores the critical need for PrestaShop website owners to safeguard their stores and customer data against potential threats.

In response to this security threat, it is highly recommended that PrestaShop users upgrade to the latest version of the pkfacebook module. Additionally, implementing the following security measures can help mitigate the risk of exploitation:

1. Upgrade PrestaShop to the most recent version to disable multi-query executions and bolster overall security.
2. Ensure proper implementation of the pSQL function to mitigate Stored XSS vulnerabilities.
3. Change the default database prefix (ps_) to a more complex, random prefix to increase the difficulty for potential attackers.
4. Activate OWASP 942’s rules on a Web Application Firewall (WAF) to enhance security and be mindful of any conflicts with back office functionality.

By promptly addressing this critical vulnerability and adopting recommended security measures, PrestaShop website owners can fortify their online stores and shield customer data from potential breaches. Taking proactive steps to protect against security threats is essential for maintaining the integrity and trust of e-commerce websites.

In conclusion, the detection of the vulnerability in the pkfacebook module highlights the ongoing importance of prioritizing cybersecurity in online businesses. Website owners must stay vigilant, keep their systems updated, and implement robust security measures to defend against evolving threats and protect both their business and customer data.

Source link