CVE-2025-50492

Critical 7.5

Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack.

Published July 28, 2025.