CVE-2025-50486
published 2025-07-28CVE-2025-50486: Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session…
high7.1CVSS 3.1
AVNACLPRNUIRSUCHILAN
Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpgurukul | e-diary_management_system | — | — |