What is CVE-2025-15406?

CVE-2025-15406 is a medium-severity vulnerability in Phpgurukul Online Course Registration, classified under Missing Authorization. CVSS score: 6.3/10. Published 2026-01-01.

How severe is CVE-2025-15406?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Auth bypass in Phpgurukul Online Course Registration

CVE-2025-15406

A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and m…

Vulnerability class: Broken Access Control

EPSS: 0.000 (1.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

Affected products

Phpgurukul Online Course Registration — versions 3.0, 3.1
Phpgurukul Online_course_registration

Weakness classification (CWE)

References

VDB-339326 | PHPGurukul Online Course Registration authorization (technical-description, Third Party Advisory, VDB Entry, vdb-entry)
VDB-339326 | CTI Indicators (IOB, IOC) (signature, Permissions Required, permissions-required, VDB Entry)
Submit #728354 | PHPGurukul Online Course Registration v3.1 Missing Authorization (Third Party Advisory, VDB Entry, third-party-advisory)
cna@vuldb.com (Exploit, Third Party Advisory, exploit)
cna@vuldb.com (Product, product)

Frequently asked questions

What is CVE-2025-15406?: CVE-2025-15406 is a medium-severity vulnerability in Phpgurukul Online Course Registration, classified under Missing Authorization. CVSS score: 6.3/10. Published 2026-01-01.
How severe is CVE-2025-15406?: Medium severity. CVSS v3 base score is 6.3 out of 10.