Phpgurukul

Online Course Registration

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-70899

Exploit
  • EPSS 0.02%
  • Veröffentlicht 22.01.2026 00:00:00
  • Zuletzt bearbeitet 02.02.2026 20:01:45

PHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Forgery (CSRF) protection on all administrative forms. An attacker can perform unauthorized actions on behalf of authenticated administrators by tricking them into visiting a malicio...

8.8

CVE-2026-0547

Exploit
  • EPSS 0.04%
  • Veröffentlicht 02.01.2026 09:32:07
  • Zuletzt bearbeitet 15.01.2026 02:06:05

A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo re...

8.8

CVE-2025-15406

Exploit
  • EPSS 0.02%
  • Veröffentlicht 01.01.2026 17:15:42
  • Zuletzt bearbeitet 06.01.2026 18:37:36

A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.

9.8

CVE-2025-10663

Exploit
  • EPSS 0.03%
  • Veröffentlicht 18.09.2025 11:02:08
  • Zuletzt bearbeitet 20.09.2025 02:36:03

A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injection. The attack may be initiated remotely. The exp...

9.8

CVE-2025-10025

Exploit
  • EPSS 0.03%
  • Veröffentlicht 05.09.2025 19:32:08
  • Zuletzt bearbeitet 10.09.2025 16:47:06

A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/semester.php. The manipulation of the argument semester leads to sql injection. It is possible to initiate the attack remo...

9.8

CVE-2025-9729

Exploit
  • EPSS 0.03%
  • Veröffentlicht 31.08.2025 12:32:07
  • Zuletzt bearbeitet 08.09.2025 15:24:20

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack i...

9.8

CVE-2025-9307

Exploit
  • EPSS 0.03%
  • Veröffentlicht 21.08.2025 16:15:35
  • Zuletzt bearbeitet 22.08.2025 21:14:11

A flaw has been found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /admin/session.php. This manipulation of the argument sesssion causes sql injection. The attack can be initiated remotely. The exploit ha...

7.1

CVE-2025-50485

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.07.2025 00:00:00
  • Zuletzt bearbeitet 29.07.2025 21:14:49

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack.

9.8

CVE-2025-4794

Exploit
  • EPSS 0.1%
  • Veröffentlicht 16.05.2025 18:00:13
  • Zuletzt bearbeitet 21.05.2025 21:00:03

A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /news.php. The manipulation of the argument newstitle leads to sql inject...

9.8

CVE-2025-4793

Exploit
  • EPSS 0.1%
  • Veröffentlicht 16.05.2025 18:00:10
  • Zuletzt bearbeitet 21.05.2025 21:00:12

A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been classified as critical. Affected is an unknown function of the file /edit-student-profile.php. The manipulation of the argument cgpa leads to sql injection. It is pos...