CNNVD-202511-102 Information

CNNVD ID

CNNVD-202511-102

Related CVE

CVE-2025-12615

• CNNVD Published: 2025-11-03

Description (Chinese)

PHPGurukul News Portal是PHPGurukul公司的一个新闻门户网站。 PHPGurukul News Portal 1.0版本存在安全漏洞，该漏洞源于文件/onps/settings.py中参数SECRET_KEY使用硬编码密钥，可能导致远程攻击。

Description (English)

PHPGurukul News Portal is a news portal for PHPGurukul. Version 1.0 of PHPGurukul News Portal has a security loophole, which stems from the use of a hard-coded key by SECRET KEY, the parameter in file/onps/settings.py, which may lead to a remote attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2025-11-03

Last Modified

2026-02-24

References

https://github.com/NishantKumar-CSE/News-Portal-Python-Django-Project/blob/main/Hard-coded%20Cryptographic%20Key.md https://phpgurukul.com/ https://vuldb.com/?ctiid.330909 https://vuldb.com/?id.330909 https://vuldb.com/?submit.678625