CVE-2025-15406
HIGH WAF: Low
CVSS 8.8
Published: 2026-01-01
CWE-862 CWE-863
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.
WAF Coverage Analysis
Missing Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Incorrect Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| phpgurukul | online_course_registration | up to 3.1 |
References
- github.com (Exploit, Third Party Advisory)
- phpgurukul.com (Product)
- vuldb.com (Permissions Required, VDB Entry)
- vuldb.com (Third Party Advisory, VDB Entry)
- vuldb.com (Third Party Advisory, VDB Entry)