CNNVD-202507-3557 Information

CNNVD ID

CNNVD-202507-3557

Related CVE

CVE-2025-50486

• CNNVD Published: 2025-07-28

Description (Chinese)

PHPGurukul Car Rental Project是PHPGurukul公司的一个汽车租赁项目。 PHPGurukul Car Rental Project v3.0版本存在安全漏洞，该漏洞源于组件/carrental/update-password.php会话失效不当，可能导致会话劫持攻击。

Description (English)

PHPGurukul Car Rent Project is a car rental project for PHPGurukul. PHPGurukul Car Rental Project v3.0 has a security loophole, which stems from the improper failure of the component/carrental/update-password.php session, which may lead to an hijacking attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2025-07-28

Last Modified

2026-02-24

References

https://github.com/sahel0708/CVE/tree/main/CVE-2025-50486 http://phpgurukul.com http://car.com https://access.redhat.com/security/cve/cve-2025-50486