![phpgurukul small-crm]()
CVE-2025-15390 is a vulnerability in PHPGurukul Small Crm
Published on December 31, 2025
PHPGurukul Small CRM edit-user.php authorization
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update 14 days later.
Weakness Types
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2025-15390 has been classified to as an AuthZ vulnerability or weakness.
What is an AuthZ Vulnerability?
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
CVE-2025-15390 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2025-15390
Want to know whenever a new CVE is published for PHPGurukul Small Crm? stack.watch will email you.
Affected Versions
PHPGurukul Small CRM Version 4.0 is affected by CVE-2025-15390Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.