CVE-2025-11609 | code-projects Hospital Management System 1.0 express-session secret hard-coded key

Inserito da Angelo Barbosa | Ott 10, 2025 | CVE

A vulnerability identified as problematic has been detected in code-projects Hospital Management System 1.0. Affected is the function session of the component express-session. This manipulation of the argument secret with the input secret causes use of hard-coded cryptographic key
.

This vulnerability is handled as CVE-2025-11609. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-11609 | code-projects Hospital Management System 1.0 express-session secret hard-coded key

Post correlati

CVE-2024-41886 | Hanwha Vision XRN-420S up to 5.01.62 URL Input denial of service

CVE-2024-21254 | Oracle BI Publisher 7.0.0.0.0/7.6.0.0.0/12.2.1.4.0 Web Server Privilege Escalation

CVE-2024-5579 | Allegra renderFieldMatch deserialization (ZDI-24-1162)

CVE-2025-4535 | Gosuncn Technology Group Audio-Visual Integrated Management Platform 4.0 Configuration File config.properties information disclosure