CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Edupluscampus: >> Edupluscampus >> 3.0.1 Security Vulnerabilities

CVE-2025-61148

An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' parameter in the /student/get-receipt endpoint.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-12-04

Page 1

Vulnerabilities

Vulnerable Software

Edupluscampus: >> Edupluscampus >> 3.0.1 Security Vulnerabilities

Products

Pricing

Contact Us