Home / Vulnerability Intelligence / CVE-2025-51414

CVE-2025-51414 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 15, 2026

Phpgurukul Online Course Registration - Unrestricted File Upload

Published: April 13, 2026Updated: April 15, 2026Remote Exploitable

Overview

Phpgurukul Online Course Registration v3.1 contains an unrestricted file upload vulnerability caused by insufficient validation in the profile picture upload functionality on /my-profile.php, letting attackers upload arbitrary files remotely, exploit requires no special privileges.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Attackers can upload arbitrary files, potentially leading to remote code execution or server compromise.

Mitigation

Update to the latest version with proper file upload validation.

References

https://github.com/12T40910/CVE/issues/12
https://medium.com/@tanushkushtk01/cve-2025-51414-unrestricted-file-upload-in-online-course-registration-v3-1-bd8b839be1d7

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2025-51414
Severity: High
CVSS Score: 8.8
Type: unrestricted_file_upload
Status: new

CWE

CWE-94

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H