A
vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php of the component Sub Admin Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
| Link | Resource |
|---|---|
| https://github.com/SECWG/cve/issues/3 | Exploit Third Party Advisory Issue Tracking |
| https://phpgurukul.com/ | Product |
| https://vuldb.com/?ctiid.298904 | Permissions Required VDB Entry |
| https://vuldb.com/?id.298904 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.515017 | Third Party Advisory VDB Entry |
| https://github.com/SECWG/cve/issues/3 | Exploit Third Party Advisory Issue Tracking |
Configurations
History
03 Apr 2025, 13:33
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Phpgurukul
Phpgurukul pre-school Enrollment System |
|
| References | () https://github.com/SECWG/cve/issues/3 - Exploit, Third Party Advisory, Issue Tracking | |
| References | () https://phpgurukul.com/ - Product | |
| References | () https://vuldb.com/?ctiid.298904 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.298904 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.515017 - Third Party Advisory, VDB Entry | |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:a:phpgurukul:pre-school_enrollment_system:1.0:*:*:*:*:*:*:* |
07 Mar 2025, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-07 15:15
Updated : 2025-04-03 13:33
NVD link : CVE-2025-2090
Mitre link : CVE-2025-2090
CVE.ORG link : CVE-2025-2090
JSON object : View
Products Affected
CWE