What is the CVSS score of CVE-2025-50349?

CVE-2025-50349 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.8%.

Which versions of PHP are affected by CVE-2025-50349?

PHPGurukul Pre-School Enrollment System contains a directory traversal vulnerability that allows attackers to access unauthorized files on affected systems.

Is there a public PoC exploit available for CVE-2025-50349?

Yes, a public proof-of-concept exploit is available for CVE-2025-50349. Prioritise patching immediately. EPSS: 0.8%.

How to fix or mitigate CVE-2025-50349?

Within 24 hours: Identify all instances of PHPGurukul Pre-School Enrollment System V1.0 in your environment and isolate systems from public internet access if possible. Within 7 days: Implement WAF rules to block malicious requests to update-teacher-pic.php containing directory traversal patterns (../ sequences); restrict file upload functionality to authenticated users only; monitor access logs for exploitation attempts. Within 30 days: Contact vendor for patched version availability; evaluate alternative pre-school management solutions; conduct forensic review of affected systems for unauthorized file access.

PHP CVE-2025-50349

EUVD-2025-18924 HIGH

Path Traversal (CWE-22)

2025-06-23 cve@mitre.org

PHP Path Traversal Pre School Enrollment System

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 22:10 euvd

EUVD-2025-18924

Analysis Generated

Mar 15, 2026 - 22:10 vuln.today

PoC Detected

Jun 25, 2025 - 13:01 vuln.today

Public exploit code

CVE Published

Jun 23, 2025 - 19:15 nvd

HIGH 7.5

DescriptionCVE.org

PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.

AnalysisAI

PHPGurukul Pre-School Enrollment System v1.0 contains a directory traversal vulnerability in the update-teacher-pic.php endpoint that allows unauthenticated remote attackers to read arbitrary files from the server with high confidence. An attacker can exploit this network-accessible vulnerability without any privileges or user interaction to disclose sensitive files, potentially exposing database credentials, configuration files, or other system information. The high CVSS score of 7.5 reflects the ease of exploitation (network-accessible, low complexity, no authentication required) and significant confidentiality impact, though this vulnerability does not permit file modification or denial of service.

Technical ContextAI

The vulnerability exists in a PHP application's file upload/update functionality (update-teacher-pic.php) that fails to properly sanitize user-supplied input for directory traversal sequences such as '../' or URL-encoded variants like '%2e%2e%2f'. This is a classic CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) vulnerability where path traversal filters are either absent or bypassable. PHPGurukul Pre-School Enrollment System is a PHP-based educational management system; the vulnerable endpoint likely processes teacher profile picture updates but does not validate that the resulting file path remains within the intended upload directory. An attacker can inject path traversal sequences into file parameters to access files outside the web root, including /etc/passwd, configuration files (config.php, database.yml), or other sensitive system files readable by the web server process.

RemediationAI

Immediate remediation steps: (1) Implement strict input validation on the file parameter in update-teacher-pic.php by using basename() to extract only the filename component and rejecting any input containing '../', '..\', percent-encoded variants (%2e, %2f, %5c), or other path traversal sequences; (2) Enforce a whitelist of allowed file extensions and MIME types; (3) Store uploaded files outside the web root or in a dedicated uploads directory with restricted execution permissions; (4) Use a fixed, randomized filename pattern rather than user-supplied input; (5) Implement authentication and authorization checks to ensure only authorized users can access this endpoint; (6) Check PHPGurukul project repositories (GitHub, SourceForge) for patched versions beyond 1.0; (7) As a temporary workaround, implement Web Application Firewall (WAF) rules to block requests containing '../' sequences to update-teacher-pic.php; (8) Audit access logs for evidence of exploitation. Ideally, upgrade to a patched version if available or switch to actively maintained educational management systems.

More from same product – last 7 days

CVE-2026-49952 CRITICAL Act Now POC

9.3 Jun 15

Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce

CVE-2026-49954 HIGH This Week POC

8.6 Jun 15

Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a

CVE-2026-49768 CRITICAL Act Now

9.8 Jun 15

Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to

CVE-2026-27053 CRITICAL Act Now

9.8 Jun 15

Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot

CVE-2026-49104 CRITICAL Act Now

9.8 Jun 15

Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo

CVE-2025-50349 vulnerability details – vuln.today

Back

PHP CVE-2025-50349

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code