CVE-2025-51414

HIGH

Phpgurukul Online Course Registration 3.1 - Arbitrary File Upload

Title source: llm

Description

In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page.

References (2)

Core 2

Core References

https://github.com/12T40910/CVE/issues/12

https://medium.com/@tanushkushtk01/cve-2025-51414-unrestricted-file-upload-in-online-course-registration-v3-1-bd8b839be1d7

Scores

CVSS v3 8.8

EPSS 0.0031

EPSS Percentile 22.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-94

Status published

Published Apr 13, 2026

Tracked Since Apr 14, 2026