CVE-2025-12615 | PHPGurukul News Portal 1.0 /onps/settings.py SECRET_KEY hard-coded key

Inserito da Angelo Barbosa | Nov 2, 2025 | CVE

A vulnerability was found in PHPGurukul News Portal 1.0 and classified as problematic. The affected element is an unknown function of the file /onps/settings.py. Such manipulation of the argument SECRET_KEY leads to use of hard-coded cryptographic key
.

This vulnerability is listed as CVE-2025-12615. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-12615 | PHPGurukul News Portal 1.0 /onps/settings.py SECRET_KEY hard-coded key

Post correlati

CVE-2024-25965 | Dell PowerScale OneFS up to 9.3.0.0/9.4.0.17/9.5.0.7/9.7.0.1/9.7.0.2 file inclusion (dsa-2024-163)

CVE-2022-48633 | Linux Kernel up to 5.19.11/6.0 gma500 psb_gem_unpin denial of service (55c077d97fa6/b6f25c3b94f2)

CVE-2024-9241 | PDF Image Generator Plugin up to 1.5.6 on WordPress cross site scripting

CVE-2025-46458 | occupancyplan Plugin up to 1.0.3.0 on WordPress cross-site request forgery