ГлавнаяУязвимости → CVE-2025-56710
7.3высокая

CVE-2025-56710

Описание

A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. This flaw allows an attacker to trick authenticated users into unintentionally modifying their account details. By crafting a malicious HTML page, an attacker can submit unauthorized requests to the vulnerable endpoint: /create-class.php.

Затрагиваемое ПО
Phpgurukul Student result management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Источники
https://medium.com/@mrshaikh841/csrf-pocs-1c96d9305298