CVE-2013-6358

Description

PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory.