3Em0

**Name of the Vulnerable Software and Affected Versions** PrestaShop version 8.2.0 **Description** A PHAR deserialization vulnerability exists in the ` getHeaders` function. This allows attackers to execute arbitrary code via a crafted POST request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PrestaShop version 8.2.0 **Description** A PHAR deserialization vulnerability exists in the `/themes/import` component. Attackers can execute arbitrary code by sending a crafted POST request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.