Directory Traversal Vulnerability in PHPGurukul Pre-School Enrollment System
CVE-2025-50350

5.4MEDIUM

Key Information:

Vendor: PHPGurukul
Status: Pre-School Enrollment System
Vendor: CVE Published:; 26 June 2025

What is CVE-2025-50350?

The PHPGurukul Pre-School Enrollment System v1.0 is susceptible to a directory traversal vulnerability, allowing unauthorized access to sensitive files on the server. This flaw occurs in the manage-classes.php file, enabling attackers to manipulate directory paths and retrieve files outside of the intended directory. Such vulnerabilities can lead to significant data exposure and potential breaches, underscoring the critical need for timely patches and security measures.

References

https://github.com/baixiaobi/Pre-School-/blob/main/direct...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2025
Vulnerability Reserved
Jun 16, 2025