CVE-2025-45949
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.
A curated collection of CVEs discovered through focused research, real-world testing, and continuous learning. This repository highlights my commitment to uncovering vulnerabilities, analyzing their impact, and contributing to the cybersecurity community with practical insights.
GitHub