Tag: user enumeration

All the articles with the tag "user enumeration".

• [CVE-2025-51586] PrestaShop Admin Login Controller Leaks Administrator Emails

  8 Sep, 2025

  A logic error in the password-reset flow of PrestaShop Back Office lets anyone enumerate administrator accounts and harvest their email addresses. A simple loop over numeric IDs is all that is required.