CVE-2025-50484
published 2025-07-28CVE-2025-50484: Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack.
high7.1CVSS 3.1
AVNACLPRNUIRSUCHILAN
Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpgurukul | small_crm | — | — |