CNNVD-202601-3556 Information

CNNVD ID

CNNVD-202601-3556

Related CVE

CVE-2025-70899

• CNNVD Published: 2026-01-22

Description (Chinese)

PHPGurukul Online Course Registration是PHPGurukul公司的一个在线课程注册系统。 PHPGurukul Online Course Registration 3.1版本存在安全漏洞，该漏洞源于所有管理表单缺少跨站请求伪造保护，可能导致攻击者诱骗经过身份验证的管理员访问恶意网页来执行未授权操作。

Description (English)

PHPGurukul Online Course Renewal is an online course registration system for PHPGurukul. PHPGurukul Online Course Regulation 3.1 contains a security loophole resulting from the lack of cross-site protection requested for forgery on all management forms, which could lead the attackers to lure certified administrators to visit malicious web pages for unauthorized operations.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/mathavamoorthi/CVE-2025-70899/blob/main/Missing_CSRF_protection_poc.md https://phpgurukul.com/online-course-registration-free-download/ https://access.redhat.com/security/cve/cve-2025-70899