CVE-2025-61148

MEDIUM

EduplusCampus 3.0.1 - IDOR

Title source: llm

Description

An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students' personal and financial records by modifying the 'rec_no' parameter in the /student/get-receipt endpoint.

Exploits (1)

nomisec WRITEUP
by sharma19d · poc
https://github.com/sharma19d/CVE-2025-61148

Scores

CVSS v3: 6.5
EPSS: 0.0005
EPSS Percentile: 15.0%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-639
Status: published
Products (1)
edupluscampus/edupluscampus 3.0.1
Published: Dec 04, 2025
Tracked Since: Feb 18, 2026