CVE-2025-61148 PoC — EduplusCampus 安全漏洞

Source

https://github.com/sharma19d/CVE-2025-61148

Associated Vulnerability

Title:EduplusCampus 安全漏洞 (CVE-2025-61148)
Description:EduplusCampus是印度EduplusCampus公司的一个学校管理系统。 EduplusCampus 3.0.1版本存在安全漏洞，该漏洞源于Student Payment API存在不安全的直接对象引用，可能导致未授权访问个人和财务记录。

Description

The vulnerability exists in the Student Payment API. The application fails to properly validate whether the user requesting a receipt is authorized to view it. By modifying the rec_no parameter in the API request, an attacker can access the receipts of other users.

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!