Security Updates - Question | JoomShaper

Security Updates

G

Gnostica

SP Page Builder 1 week ago

Hi,

I use joomla 6.1.1 and SPPB 6.6.2. and updated all components, plugins (helix 3 3.1.2), framework, but RSFirewall give me informations about injections, high level events: index.php?option=com_sppagebuilder&task=asset.uploadCustomIcon Description: Attempted to leverage vulnerability in old version of SP Page Builder (PHP code upload).

Please help what could I do? Maybe there are old files, folders in SP Page Builder....?

Thanks, David

0
3 Answers
Ziaul Kabir
Ziaul Kabir
Accepted Answer
Support Agent 1 week ago #227656

Hello,

We sincerely apologize for the inconvenience caused.

This issue has been fixed in SP Page Builder v6.6.2. Once you upgrade to v6.6.2, this specific vulnerability can no longer be exploited.

However, if your site was compromised before upgrading, simply updating the extension will not remove any malicious files or backdoors that may have already been uploaded. If those files remain on the server, attackers may still be able to access your site. Therefore, it is important to perform a complete cleanup before considering the site secure. Please follow the cleanup guide here: https://www.joomshaper.com/forum/question/45152 You can also use the following security scanner to help identify malicious files and delete them: https://github.com/zkrana/joomla-security-scanner

Please make sure to read the README.md file in the repository for instructions on how to run the tool. After completing the cleanup and upgrading to v6.6.2, please let us know the outcome or if you need any further assistance.

We'll be happy to help. Thank you.

0
G
Gnostica
Accepted Answer
1 week ago #227668

Hello,

Thanks for your help.

David

0
Ziaul Kabir
Ziaul Kabir
Accepted Answer
Support Agent 1 week ago #227813

You are welcome.

0