CVE-2025-45949 – PHPGurukul User Registration & Login and User Management System Session Hijacking Vulnerability

April 28, 2025

CVE ID : CVE-2025-45949

Published : April 28, 2025, 8:15 p.m. | 2 hours, 50 minutes ago

Description : A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel – Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45953 – PHPGurukul Hostel Management System Session Hijacking

Next Article CVE-2025-45947 – PhpGurukul Online Banquet Booking System Remote Code Execution Vulnerability

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

Meet Accessible UX Research, A Brand-New Smashing Book

How to free up your Mac’s storage space – 3 easy ways

I finally found a mini PC with a striking design (and the power to back it up)

The best password generators of 2025: Expert tested

Facebook’s new passkey support could soon let you ditch your password forever

eslint-plugin-mutate

eslint-plugin-mutate

Event-Driven Microservice Backend For a Modern E-commerce Platform.

Search Params Are State – How TanStack Router Solves It

You Can Now Auto-Generate Google Forms Using Gemini Using Prompts or Files – Here’s How

You Can Now Auto-Generate Google Forms Using Gemini Using Prompts or Files – Here’s How

Google Helps Devs Build Safe Android Apps with THIS Play Policy – Find Out More Here

Microsoft Edge for Business Now Lets Admins Push Encrypted Passwords to Users Securely

CVE-2025-45949 – PHPGurukul User Registration & Login and User Management System Session Hijacking Vulnerability

CISA Warning: Critical Flaw (CVE-2025-5310) Exposes Fueling Station Devices

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

CVE-2025-0072 – Arm Ltd Valhall GPU Kernel Driver After Free Vulnerability

LLMs Can Now Solve Challenging Math Problems with Minimal Data: Researchers from UC Berkeley and Ai2 Unveil a Fine-Tuning Recipe That Unlocks Mathematical Reasoning Across Difficulty Levels

CVE-2025-3775 – ShopLentor WooCommerce Builder SSRF Vulnerability

Windows 11 24H2 is now more stable with Nvidia driver 576.02

Keep Your Place: Enhancing User Experience with Fragment Method

CVE-2025-4954 – Axle Demo Importer WordPress File Upload Vulnerability

Windows 11 now lets you extract texts (OCR) from your screen without screenshots

CVE-2025-4347 – D-Link DIR-600L Critical FormWlSiteSurvey Buffer Overflow Vulnerability

CVE-2025-45949 – PHPGurukul User Registration & Login and User Management System Session Hijacking Vulnerability

Related Posts