CVE-2025-58932 is a vulnerability in the axiomthemes Prisma PHP program, specifically related to improper control of filenames used in include or require statements. This vulnerability allows an attacker to perform Local File Inclusion (LFI), a type of attack where the attacker can trick the application into including files from the local filesystem. The root cause is insufficient validation or sanitization of user-supplied input that determines the filename to be included. Exploiting this flaw, an attacker can read arbitrary files on the server, such as configuration files, password files, or application source code, potentially exposing sensitive information. The vulnerability affects Prisma versions up to and including 1.10, with no specific version excluded. The CVSS v3.1 base score is 8.2, indicating high severity, with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), low integrity impact (I:L), and no availability impact (A:N). No known exploits have been reported in the wild yet. The vulnerability was reserved in September 2025 and published in December 2025. The absence of patches at the time of reporting suggests that organizations should implement compensating controls until official fixes are released.

For European organizations, this vulnerability poses a significant risk to the confidentiality of sensitive data hosted on web servers running the vulnerable Prisma theme. Attackers can remotely exploit the flaw without authentication or user interaction, increasing the likelihood of compromise. The ability to read arbitrary files can lead to exposure of credentials, internal configuration, or intellectual property, potentially facilitating further attacks such as privilege escalation or lateral movement. Public-facing websites and applications using PHP and the Prisma theme are particularly vulnerable. The impact is heightened for organizations in sectors with strict data protection regulations like GDPR, as data breaches could result in legal penalties and reputational damage. Additionally, critical infrastructure or government websites using affected software could face targeted attacks aiming to extract sensitive information.

1. Monitor axiomthemes and Prisma official channels for security patches and apply updates immediately upon release. 2. Until patches are available, implement web application firewall (WAF) rules to detect and block suspicious requests attempting to exploit file inclusion. 3. Restrict PHP include paths using configuration directives such as open_basedir to limit accessible directories. 4. Employ strict input validation and sanitization on all user inputs that influence file inclusion or path parameters. 5. Conduct code audits to identify and remediate unsafe include/require usage patterns. 6. Disable unnecessary PHP functions that facilitate file inclusion if not required. 7. Regularly review server logs for anomalous access patterns indicative of exploitation attempts. 8. Segment web servers and sensitive data storage to reduce potential impact if compromise occurs.