Unrated severityNVD Advisory· Published Apr 28, 2025· Updated Apr 29, 2025
CVE-2025-45949
CVE-2025-45949
Description
A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: =3.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.