CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-45949

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and leading to account takeover.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.1%

CVSS Severity

CVSS v3 Score 9.8

References

http://phpgurukul.com
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45949/README.MD

Products affected by CVE-2025-45949

Phpgurukul » User Registration & Login And User Management System » Version: 3.3

cpe:2.3:a:phpgurukul:user_registration_&_login_and_user_management_system:3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-45949

Products

Pricing

Contact Us