Edupluscampus

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-61148 MEDIUM POC This Month

An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' parameter in the /student/get-receipt endpoint.

Authentication Bypass Edupluscampus

NVD GitHub

CVSS 3.1

6.5

EPSS

0.0%

CVE-2025-61148

EPSS 0% CVSS 6.5

MEDIUM POC This Month

An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' parameter in the /student/get-receipt endpoint.

Authentication Bypass Edupluscampus

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy