Prestashop 1.6.1.19 sessions can be read and written by an attacker, resulting in a range of vulnerabilities including privilege escalation and remote code execution.