
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2013-6295 is a privilege escalation vulnerability in PrestaShop 1.5.5 and possibly earlier versions. Back-office users holding the Salesman or Logistician profile could upload attacker-supplied modules through the AdminModules controller; because a module is PHP code that the shop executes, this gave them access to sensitive information and a path to compromising the server (Sopas Labs).
The weakness is in the module upload handler in AdminModulesController.php. The handler checks only that the upload is a zip or tar archive with the expected folder layout and then extracts it into the /modules/ directory; it does not vet what the PHP inside does. No content check realistically could, since a module is by definition PHP that runs inside the shop, so the only effective control on this function is who is allowed to reach it, and in 1.5.5 that included the Salesman and Logistician profiles (Sopas Labs).
With a module of their own choosing installed, these lower-privileged users could run PHP with the web server's rights: read configuration such as database credentials, create unauthorized administrator accounts, or use the foothold for further attacks on the host. Complete compromise of the system follows where the server has additional weaknesses (Sopas Labs).
PrestaShop fixed this by changing the default profile permissions so that lower-privileged profiles no longer hold the rights to add or delete modules. Shops that cannot upgrade should apply the same policy by hand: in the back office, revoke module add and delete rights from every profile that does not strictly need them, grant them only to trusted employees, and review existing employee accounts against that policy (Sopas Labs).
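The upload path as the page describes it, as an added example (Python, not PrestaShop's own PHP): a structural archive check of the kind the page says 1.5.5 performed, followed by the per-profile "add" right on AdminModules that the vendor fix relies on. The permission matrices, profile names, module layout and sample archives are assumptions constructed for the demonstration; the code models the decision logic and extracts nothing.

```python
import io
import tarfile
import zipfile

# Rights per profile and admin tab, modelled on the page's description of the
# PrestaShop 1.5.5 defaults (assumption: simplified to the one tab that matters).
# Before the fix, Salesman and Logistician held 'add' on AdminModules.
PERMS_BEFORE = {
    "SuperAdmin":  {"AdminModules": {"view", "add", "edit", "delete"}},
    "Logistician": {"AdminModules": {"view", "add", "edit", "delete"}},
    "Salesman":    {"AdminModules": {"view", "add", "edit", "delete"}},
}
# After the fix, 'add' and 'delete' are gone from the lower-privileged profiles.
PERMS_AFTER = {
    "SuperAdmin":  {"AdminModules": {"view", "add", "edit", "delete"}},
    "Logistician": {"AdminModules": {"view", "edit"}},
    "Salesman":    {"AdminModules": {"view", "edit"}},
}


def build_zip(files):
    """Build an in-memory zip from {path: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for path, data in files.items():
            zf.writestr(path, data)
    return buf.getvalue()


def build_tar(files):
    """Build an in-memory gzip'd tar from {path: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for path, data in files.items():
            info = tarfile.TarInfo(name=path)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def archive_entries(blob):
    """Return the regular-file member paths of a zip or tar blob."""
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            return [i.filename for i in zf.infolist() if not i.is_dir()]
    try:
        with tarfile.open(fileobj=io.BytesIO(blob), mode="r:*") as tf:
            return [m.name for m in tf.getmembers() if m.isfile()]
    except tarfile.TarError:
        raise ValueError("not a zip or tar archive")


def structural_check(blob, module_name):
    """Archive type and folder layout only, like the check the page describes.
    Returns (ok, reason). It never looks at what the PHP does, so a web shell
    laid out as <name>/<name>.php passes exactly like a real module."""
    try:
        entries = archive_entries(blob)
    except ValueError as e:
        return False, str(e)
    if not entries:
        return False, "empty archive"
    prefix = module_name + "/"
    for e in entries:
        if e.startswith("/") or ".." in e.split("/"):
            return False, "unsafe path: " + e
        if not e.startswith(prefix):
            return False, "entry outside module folder: " + e
    if prefix + module_name + ".php" not in entries:
        return False, "missing main module file"
    return True, "ok"


def upload_module(profile, perms, blob, module_name):
    """Model of the AdminModules upload path: authorization gate first, then the
    structural check. Returns the paths that would be written under /modules/."""
    rights = perms.get(profile, {}).get("AdminModules", set())
    if "add" not in rights:
        raise PermissionError(profile + " lacks 'add' on AdminModules")
    ok, reason = structural_check(blob, module_name)
    if not ok:
        raise ValueError(reason)
    return ["/modules/" + e for e in archive_entries(blob)]


# Constructed samples: a plausible module, the same module as a tarball, a
# module-shaped archive carrying attacker-controlled PHP, and a traversal attempt.
LEGIT_FILES = {
    "mymod/mymod.php": b"<?php class MyMod extends Module {} ",
    "mymod/config.xml": b"<module><name>mymod</name></module>",
}
LEGIT_ZIP = build_zip(LEGIT_FILES)
LEGIT_TAR = build_tar(LEGIT_FILES)
SHELL_ZIP = build_zip({"evilmod/evilmod.php": b"<?php /* attacker-controlled PHP */ "})
TRAVERSAL_ZIP = build_zip({"mymod/../config/settings.inc.php": b"x"})

if __name__ == "__main__":
    print(structural_check(SHELL_ZIP, "evilmod"))                 # passes: layout is fine
    print(upload_module("Salesman", PERMS_BEFORE, SHELL_ZIP, "evilmod"))
    try:
        upload_module("Salesman", PERMS_AFTER, SHELL_ZIP, "evilmod")
    except PermissionError as e:
        print("after fix:", e)
```

The result makes the page's point concrete: the module-shaped shell passes the structural check just as the real module does, and with the pre-fix matrix a Salesman upload goes straight into /modules/. The only thing that stops it is the "add" gate, which is precisely what the vendor changed, and which an administrator of an unpatched shop has to change by hand.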
Source: This report was generated using AI