← Back

Edupluscampus

edupluscampus

Vendor: Edupluscampus • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-61148
1Edupluscampus
1Edupluscampus
Dec 16, 2025
Dec 4, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' paramet...Show more
An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' parameter in the /student/get-receipt endpoint.Show less