CVE-2025-56710

Name of the Vulnerable Software and Affected Versions PHPGurukul Student-Result-Management-System-Using-PHP-V2.0 version 2.0

Description A Cross-Site Request Forgery (CSRF) flaw exists in the Profile Page of the software. This allows an attacker to trick authenticated users into unintentionally modifying their account details. The attacker can submit unauthorized requests to the vulnerable endpoint: /create-class.php.

Recommendations As a mitigation, consider implementing CSRF protection mechanisms, such as synchronizer tokens, to validate requests.