PrestaShop autoupgrade module ZIP archives were vulnerable from CVE-2017-9841
We have identified that some autoupgrade module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE.