PHPGurukul Online Course Registration
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul Online Course Registration.
By the Year
In 2026 there have been 2 vulnerabilities in PHPGurukul Online Course Registration with an average score of 6.3 out of ten. Last year, in 2025 Online Course Registration had 7 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Online Course Registration in 2026 could surpass last years number. Last year, the average CVE base score was greater by 3.08
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 6.30 |
| 2025 | 7 | 9.38 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 0.00 |
It may take a day or so for new Online Course Registration vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul Online Course Registration Security Vulnerabilities
PHPGurukul 3.1: Unrestricted File Upload via /admin/edit-student-profile.php
CVE-2026-0547
6.3 - Medium
- January 02, 2026
A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used.
Unrestricted File Upload
Missing Authorization in PHPGurukul OR v3.1 and earlier
CVE-2025-15406
6.3 - Medium
- January 01, 2026
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This affects an unknown function. This manipulation causes missing authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.
AuthZ
PHPGurukul Online Course Reg 3.1 SQLi via cgpa in /my-profile.php
CVE-2025-10663
7.3 - High
- September 18, 2025
A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used.
SQL Injection
Session Hijacking via Improper Session Invalidation in PHPGurukul OCR v3.1
CVE-2025-50485
- July 28, 2025
Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack.
PHPGurukul Online Course Registration 3.1 SQLi via news.php newstitle
CVE-2025-4794
9.8 - Critical
- May 16, 2025
A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /news.php. The manipulation of the argument newstitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul OR 3.1 - Remote SQLI via cgpa in /edit-student-profile.php
CVE-2025-4793
9.8 - Critical
- May 16, 2025
A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been classified as critical. Affected is an unknown function of the file /edit-student-profile.php. The manipulation of the argument cgpa leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul OCR 3.1 Remote SQLi via admin/level.php - critical
CVE-2025-4773
9.8 - Critical
- May 16, 2025
A vulnerability was found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/level.php. The manipulation of the argument level leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in PHPGurukul Online Course Registration 3.1 admin/course.php via coursecode
CVE-2025-4771
9.8 - Critical
- May 16, 2025
A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul 3.1 - /admin/department.php SQLi via department
CVE-2025-4772
9.8 - Critical
- May 16, 2025
A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/department.php. The manipulation of the argument department leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Online Course Registration 2.0 has multiple SQL injections
CVE-2020-12429
- April 28, 2020
Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul Online Course Registration or by PHPGurukul? Click the Watch button to subscribe.
