Share
## https://sploitus.com/exploit?id=63803225-DD4D-5796-A858-9BA98137E5F6
CVE-2025-51586 - PrestaShop AdminLogin Email Enumeration PoC


  




๐Ÿ“Œ Overview

This repository contains an ethical Proof-of-Concept (PoC) for the vulnerability
CVE-2025-51586,
affecting PrestaShop versions 1.7.x โ€” 8.2.2.

The PoC enumerates administrator email addresses via the Back Office password reset mechanism (AdminLogin controller).



๐Ÿ“ Vulnerability Summary
User enumeration vulnerability in the AdminLogin controller in PrestaShop 1.7 through 8.2.2 allows remote attackers to obtain administrators user email addresses via manipulation of the id_employee and reset_token parameters. An attacker who has access to the Back Office login URL can trigger the password reset form to disclose the associated email address in a hidden field, even when the provided reset token is invalid. This issue has been fixed in 8.2.3.


  CVE ID: CVE-2025-51586
  Affected Software: PrestaShop
  Versions: 1.7.x โ€“ 8.2.2
  Fixed in: 8.2.3
  Impact: Email enumeration (information disclosure)
  Attack vector: Unauthenticated GET/POST to the reset endpoint


How it works

  Send a request to the reset page, e.g. https://domain.tld/admin/index.php?controller=AdminLogin&reset=1
  Provide a valid id_employee and an invalid reset_token
  If the ID exists, the response contains a hidden field: <input name="reset_email" value="admin@domain.tld">
  Iterate IDs to enumerate admin emails




๐Ÿ“š References & Credit
Official advisory: Friends of Presta Security
Reported by Friends of Presta Security Team (advisory published September 4, 2025).



โš ๏ธ Legal Notice
This PoC is for educational and authorized testing only. Use only on systems you own or where you have explicit permission. The author and contributors are not responsible for misuse.



๐Ÿ“ฆ Installation
Clone and install dependencies:
git clone https://github.com/yourusername/CVE-2025-51586-PrestaShop-PoC.git
cd CVE-2025-51586-PrestaShop-PoC
pip install requests beautifulsoup4 rich


๐Ÿ–ฅ๏ธ Usage (CLI)
python3 cve_2025_51586_enum.py \
  -u "https://target/admin/index.php?controller=AdminLogin&reset=1" \
  -s 1 -e 100 -m POST -t invalidtoken123 --delay 0.5 --timeout 10 --export results.csv




โœ๏ธ Author
PoC developed by 7h30th3r0n3. Vulnerability discovered by Friends of Presta Security Team.