CVE-2026-0547

6.3 MEDIUM

📋 TL;DR

This vulnerability lets a remote attacker with access to the admin interface upload arbitrary files through the photo parameter of /admin/edit-student-profile.php in PHPGurukul Online Course Registration (up to version 3.1). The upload accepts any file type, so a PHP web shell submitted as a "photo" can be used to compromise the server. All deployments of affected versions are vulnerable in the default configuration.

💻 Affected Systems

Products:
  • PHPGurukul Online Course Registration
Versions: Up to version 3.1
Operating Systems: Any OS running PHP (typically Linux/Windows)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the photo upload in the /admin/edit-student-profile.php component (the admin's student-profile editor). Exploitation requires an authenticated session on the admin interface and the student registration/profile-editing functionality to be enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠 Likely Case: Attackers upload web shells to gain persistent access, deface the site, or steal sensitive student data.

🟢 If Mitigated: Uploads are blocked or validated by content and stored under server-chosen names, so no attacker-supplied file can be executed.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects internet-facing web applications.
🏢 Internal Only: MEDIUM - Internal systems could still be compromised through internal attackers or compromised accounts.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available. The attack requires an authenticated session on the admin interface (the vulnerable page lives under /admin/), so an attacker needs admin credentials, a stolen session, or a foothold on an existing admin account.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://phpgurukul.com/

Restart Required: No

Instructions:

No official patch is known at the time of writing. Check the vendor website for updates, apply the workarounds below, or consider replacing the application.

🔧 Temporary Workarounds

Implement File Upload Validation (applies to: all platforms)

Add server-side validation to the photo upload: determine the file type from its content (parse it as an image) rather than from the client-supplied name or Content-Type, allow only JPEG/PNG/GIF, store the file under a server-generated name with a server-chosen extension, and make sure the web server never executes files from the photo directory.

Modify /admin/edit-student-profile.php to add this validation before the file is moved into place.
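The following is an added example, not code from the advisory or from PHPGurukul: a representative version of the unsafe upload pattern next to a hardened handler for the photo field. The upload directory (studentphoto/), the 2 MiB size cap and the surrounding request handling are assumptions for illustration; adapt them to the actual file.

```php
<?php
// Added example (not PHPGurukul code). The vulnerable function shows the
// pattern behind this class of bug; the hardened one is a drop-in replacement
// for the photo upload in /admin/edit-student-profile.php.
declare(strict_types=1);

const PHOTO_DIR      = __DIR__ . '/../studentphoto';   // assumed upload directory
const MAX_PHOTO_SIZE = 2 * 1024 * 1024;                // assumed cap: 2 MiB
const ALLOWED_TYPES  = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];

// Vulnerable pattern (representative, not quoted from the project): the
// client-supplied name decides the stored name and extension, so shell.php
// lands in a web-reachable directory and is executed on the next GET.
function storePhotoUnsafe(array $file): string
{
    $name = $file['name'];
    move_uploaded_file($file['tmp_name'], PHOTO_DIR . '/' . $name);
    return $name;
}

// Hardened replacement: validate by content, choose the name server-side,
// and throw on any policy violation.
function storeStudentPhoto(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file sent');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    if ($file['size'] > MAX_PHOTO_SIZE) {
        throw new RuntimeException('File too large');
    }

    // Decide the type from the bytes, never from $file['name'] or $file['type'].
    // getimagesize() parses the image header: a PHP script renamed to .jpg
    // fails here. A JPEG with PHP appended (polyglot) still passes, which is
    // why the extension below is server-chosen and the directory must not
    // execute scripts.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false || !isset(ALLOWED_TYPES[$info[2]])) {
        throw new RuntimeException('Not a JPEG, PNG or GIF image');
    }
    $ext = ALLOWED_TYPES[$info[2]];

    // Random server-chosen name: no path separators, no double extensions
    // such as shell.php.jpg, no .phtml/.phar, nothing the client controls.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = PHOTO_DIR . '/' . $name;

    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store photo');
    }
    chmod($dest, 0644); // readable, never executable
    return $name;
}

// Usage inside the admin handler, after the admin session check has passed.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['photo'])) {
    try {
        $stored = storeStudentPhoto($_FILES['photo']);
        // Record $stored in the student row with a prepared statement.
    } catch (RuntimeException $e) {
        http_response_code(400);
        exit('Photo rejected: ' . htmlspecialchars($e->getMessage()));
    }
}
```

Pair this with web-server configuration that never hands files in the photo directory to the PHP interpreter (for Apache, `php_flag engine off` in that directory's .htaccess or a `<Directory>` block; for nginx, no `fastcgi_pass` location covering it). The content check and the server-chosen name stop the attack described on this page; the execution block is the backstop for any upload path the validation misses.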

Disable Student Registration (applies to: all platforms)

Temporarily disable the student registration and profile-editing functionality until a fix is available.

Comment out or remove the registration form elements and the photo upload form in /admin/edit-student-profile.php, and deny requests to the page at the web server if the form is still reachable.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules that block multipart uploads to /admin/edit-student-profile.php whose filename does not end in an allowed image extension, or block uploads to that page entirely
  • Disable script execution in the photo upload directory (e.g. `php_flag engine off` for Apache, or no PHP handler for that location in nginx) so an uploaded web shell cannot run
  • Restrict access to the /admin/ directory to trusted IP addresses only

🔍 How to Verify

Check if Vulnerable:

In a test instance, log in as admin and attempt to upload a non-image file (e.g. a .php file containing only `<?php echo 'upload-test'; ?>`) via the photo upload feature in /admin/edit-student-profile.php. If the upload is accepted and the stored file is reachable and executed under the web root, the instance is vulnerable. Delete the test file afterwards.

Check Version:

Check the software version in the application's admin panel or configuration files

Verify Fix Applied:

Test that a .php file and a renamed script with non-image content (e.g. shell.php.jpg) are both rejected, that an accepted image is stored under a server-chosen name, and that requesting a .php path under the photo directory does not execute it.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /admin/edit-student-profile.php
  • Uploads of non-image file types
  • Large number of upload attempts

Network Indicators:

  • POST requests to /admin/edit-student-profile.php with file uploads
  • Unusual traffic patterns to admin pages

SIEM Query:

source="web_server" AND uri="/admin/edit-student-profile.php" AND method="POST" AND file_upload="true"

Field names above are illustrative and depend on the log source: a plain access log has no file_upload field, so match on method=POST and the URI, and on a multipart/form-data request Content-Type where a reverse proxy or WAF records it. Also alert on any request for a non-image path under the photo upload directory, which indicates an uploaded script being executed.
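As an added example (not part of the advisory), the indicators above turned into a small PHP CLI scanner over access-log lines in combined format. The photo directory /studentphoto/ and the burst threshold are assumptions, and the log lines are constructed for the example, not real traffic.

```php
<?php
// Added example (not part of the advisory or the project): scan combined-format
// access-log lines for upload attempts against the vulnerable page and for
// execution of non-image files under the photo directory. Requires PHP 8.0+.
declare(strict_types=1);

const UPLOAD_ENDPOINT = '/admin/edit-student-profile.php';
const UPLOAD_DIR      = '/studentphoto/';          // assumed location of stored photos
const IMAGE_EXTS      = ['jpg', 'jpeg', 'png', 'gif'];
const BURST_THRESHOLD = 5;                         // assumed: POSTs per client IP before alerting

// Returns one alert string per suspicious event found in $lines.
function scanAccessLog(array $lines): array
{
    $alerts  = [];
    $uploads = [];   // client IP => number of POSTs to the upload endpoint
    $re = '~^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})~';

    foreach ($lines as $line) {
        if (!preg_match($re, $line, $m)) {
            continue;                                // not a combined-format line
        }
        [, $ip, $ts, $method, $target, $status] = $m;
        $path = parse_url($target, PHP_URL_PATH);
        if (!is_string($path)) {
            $path = $target;
        }

        // 1. Upload attempts: every POST to the vulnerable page is worth keeping,
        //    and a burst from one address suggests automated exploitation.
        if ($method === 'POST' && $path === UPLOAD_ENDPOINT) {
            $uploads[$ip] = ($uploads[$ip] ?? 0) + 1;
            if ($uploads[$ip] === BURST_THRESHOLD) {
                $alerts[] = "$ts burst: $ip made " . BURST_THRESHOLD . ' uploads to ' . UPLOAD_ENDPOINT;
            }
        }

        // 2. Execution of an uploaded script: a request for a non-image path
        //    under the photo directory means something other than a photo was
        //    stored there. A 200 on such a path is the strongest signal.
        if (str_starts_with($path, UPLOAD_DIR)) {
            $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
            if (!in_array($ext, IMAGE_EXTS, true)) {
                $alerts[] = "$ts webshell? $ip $method $path -> $status";
            }
        }
    }
    return $alerts;
}

// Constructed sample lines (not real traffic): a normal admin edit followed by
// a scripted upload and the first call to the dropped shell.
$sample = [
    '10.0.0.5 - - [12/Jan/2026:10:15:02 +0000] "POST /admin/edit-student-profile.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [12/Jan/2026:10:15:09 +0000] "GET /studentphoto/a1b2c3.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Jan/2026:11:02:13 +0000] "POST /admin/edit-student-profile.php HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '203.0.113.7 - - [12/Jan/2026:11:02:15 +0000] "GET /studentphoto/cmd.php?c=id HTTP/1.1" 200 88 "-" "python-requests/2.31"',
];

if (PHP_SAPI === 'cli') {
    // Read real lines from stdin when piped, otherwise run on the sample.
    $lines = stream_isatty(STDIN) ? $sample : file('php://stdin', FILE_IGNORE_NEW_LINES);
    foreach (scanAccessLog($lines) as $alert) {
        echo $alert, PHP_EOL;
    }
}
```

On the sample the scanner reports the GET for /studentphoto/cmd.php as a possible web shell; the two POSTs are counted but stay below the burst threshold. Run it as `php scan.php < access.log` against real logs, and tune UPLOAD_DIR to wherever the application stores photos.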
