CVE-2025-25691 Information

Jul 31, 2025 cve

Description

A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request.

Reference

http://dem0.com http://dem0.com/admin/index.php/improve/design/themes/import?_token=btRUtV2Om2noliZZjeFQZhlMY3gYivjABbPOjP91L6U http://prestashop.com https://github.com/3em0/cve_repo/blob/main/preshop/CVE-2025-25691.md https://github.com/PrestaShop/PrestaShop

CNNVD-202507-3795 (Published: 2025-07-30)

Share on:

CVE-2025-25691 Information

Description

Reference

Related CNNVD