CVE-2025-25692 | THREATINT

Description

A PHAR deserialization vulnerability in the _getHeaders function of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request.

PUBLISHED Reserved 2025-02-07 | Published 2025-07-30 | Updated 2025-07-30 | Assigner mitre

References

github.com/PrestaShop/PrestaShop

prestashop.com

github.com/3em0/cve_repo/blob/main/preshop/CVE-2025-25692.md

cve.org (CVE-2025-25692)

nvd.nist.gov (CVE-2025-25692)

Download JSON