Prestashop Sicherheitslücke

In der Prestashop Software ist eine Sicherheitslücke gefunden worden welche alle Versionen 1.4/1.4.1/1.4.2/1.4.3/1.4.4 betreffen kann.

Hier die weiteren Details in English – wird in den nächsten Tagen noch auf Deutsch zur Verfügung gestellt (bei Fragen können Sie sich an Netsolution wenden):

===

If you use one of these versions, please check for any of the following symptoms:
A her.php file is at the root of /modules folder
A .php file different from index.php is in the upload and download folders
Your footer.tpl file has been modified
Your tools/smartyv2 folder is missing
If you fulfill one of these conditions, your shop may have been infected. However, it is easy to fix just by following the instructions listed below.
What should I do?
1.Change your database password (or contact your webhost if you do not know how to do it). Once you have done that, open the settings.inc.php file in your /config folder and replace your old password with the new one. See below:
2.Download the fix published by PrestaShop available on http://addons.prestashop.com/fr/herfix/
3.Upload it to the root folder of your shop with your FTP client (Filezilla, Transmit…)
4.Go to the url http://www.myshop.com/herfix.php
5.The fix is now applied. Please do not forget to delete the herfix.php file previously uploaded at the root of your shop
6.Rename the admin folder
7.Change the password of all admins of your shop