NishantKumar-CSE

2 exploits Active since Nov 2025
CVE-2025-12615 WRITEUP MEDIUM WRITEUP
PHPGurukul News Portal 1.0 - Info Disclosure
A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /onps/settings.py. Such manipulation of the argument SECRET_KEY leads to use of hard-coded cryptographic key . The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used.
CVSS 5.0
CVE-2025-12616 WRITEUP LOW WRITEUP
PHPGurukul News Portal 1.0 - Info Disclosure
A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown function of the file /onps/settings.py. Performing a manipulation results in insertion of sensitive information into debugging code. It is possible to initiate the attack remotely. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit is now public and may be used.
CVSS 3.7