Description PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module Remediation References CVE-2013-6295 Related Vulnerabilities Craft CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-25495) Joomla! Core Security Bypass (2.5.0 - 3.9.19) WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Multiple Cross-Site Request Forgery Vulnerabilities (2.5.6) Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37064) MySQL CVE-2021-35628 Vulnerability (CVE-2021-35628) Severity Critical Classification CVE-2013-6295 CWE-269 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities