An issue was discovered in Presta World Account Manager - Sales Representative & Dealers - CRM (prestasalesmanager) module for PrestaShop before version 9.0, allows remote attackers to escalate privilege and obtain sensitive information via the uploadLogo() and postProcess methods.
References