Security Advisory

CVE-2025-45949

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-28 00:00:00

Last updated 2025-04-29 13:47:06

Assigner mitre

State PUBLISHED

Description

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.

← Browse all CVEs View on cve.org ↗