← voltar
CVE-2025-15406

PHPGurukul Online Course Registration authorization

CVSS 5.3 MEDIUMEPSS 0.4%CWE-862CWE-863
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 jan 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
PHPGurukul · Online Course Registration

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/rsecroot/Online-Course-Registration/blob/main/Broken%20Access%20Control.mdhttps://phpgurukul.com/https://vuldb.com/?ctiid.339326https://vuldb.com/?id.339326https://vuldb.com/?submit.728354