Search and Delete directory PHPUnit in Prestashop


Your store may be vulnerable to malware, here’s what to do.

On January 2, 2020, a malware called XsamXadoo Bot was discovered. This malware can be used to access an online store and take control of it.

The bot is now believed to have used a known vulnerability in the PHP PHPUnit tool that has been reported as CVE-2017-9841.

This is what you have to do, it should only take 5 minutes.

1) Is my website vulnerable?

To find out if your store is vulnerable to attack, here’s what to do.

You must install this module in your Prestashop store (like any other module, from the BackOffice). Then click the Configure button. Once on that page you will be told if your store is vulnerable. If a PHPUnit directory was found, it will indicate where it is located and you can delete it from the module itself if you wish.

2) What can happen if my store is compromised?

This vulnerability allows an attacker to access your website : for example, this means that an attacker can potentially steal your data.

3) What is PrestaShop doing right now about this vulnerability?

All PrestaShop partners and ambassadors have been informed and should have already secured the stores they control. All PrestaShop modules have been updated and are now safe.

If you believe that your website has already been compromised, we strongly advise you to contact a security expert.


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.