CVE-2025-9729 — Injection in Online Course Registration

CWE-74 — Injection CWE-89 — SQL Injection3 documents3 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 91.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpgurukul Online Course Registration

Timeline

PublishedAug 31

Description

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5phpgurukul/online_course_registration3.1

▶NVDphpgurukul/online_course_registration3.1

🔴Vulnerability Details

CVEList

PHPGurukul Online Course Registration student-registration.php sql injection↗2025-08-31

▶

GHSA

GHSA-m83m-g37g-fcp4: A vulnerability was detected in PHPGurukul Online Course Registration 3↗2025-08-31

▶