CVE-2024-25842 Information

Description

An issue was discovered in Presta World \Account Manager - Sales Representative & Dealers - CRM\ (prestasalesmanager) module for PrestaShop before version 9.0 allows remote attackers to escalate privilege and obtain sensitive information via the uploadLogo() and postProcess methods.

Reference

https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-prestasalesmanager.md