CVE-2026-0547 is a vulnerability identified in PHPGurukul Online Course Registration software versions 3.0 and 3.1, specifically within the /admin/edit-student-profile.php file handling the 'photo' parameter. The flaw allows an attacker to perform unrestricted file uploads due to insufficient validation or sanitization of the uploaded file. This vulnerability can be exploited remotely by an attacker with limited privileges (PR:L) without requiring user interaction (UI:N) or authentication beyond limited rights. The CVSS 4.0 score of 5.3 reflects a medium severity, considering the attack vector is network-based (AV:N), with low attack complexity (AC:L), and no privileges required beyond limited user rights. The vulnerability could enable attackers to upload malicious files such as web shells or scripts, leading to remote code execution, data leakage, or defacement. The lack of scope change (S:U) indicates the impact is confined to the vulnerable component but still affects confidentiality, integrity, and availability at a low level. No patches are currently linked, and no known exploits are active in the wild, but the public disclosure of the exploit code increases the risk of future attacks. This vulnerability is particularly critical in educational environments where the software is used to manage student data and profiles, potentially exposing sensitive information or allowing attackers to pivot within the network.

For European organizations, especially educational institutions using PHPGurukul Online Course Registration, this vulnerability poses a significant risk. Successful exploitation could lead to unauthorized access to student records, manipulation of academic data, or deployment of malicious payloads within the network. This could result in data breaches violating GDPR regulations, reputational damage, and operational disruptions. Attackers might leverage the uploaded files to establish persistent access or move laterally within the organization's infrastructure. Given the remote exploitability and low complexity, attackers can easily target multiple institutions simultaneously. The impact extends beyond confidentiality to integrity and availability, potentially affecting the trustworthiness of academic records and the availability of registration services. Organizations relying on this software without adequate compensating controls are at heightened risk of compliance violations and financial penalties.

Immediate mitigation steps include restricting file upload permissions to only trusted users and implementing strict server-side validation of uploaded files, including checking file types, sizes, and content signatures. Employing allowlists for acceptable file extensions and scanning uploads with antivirus or malware detection tools is critical. Organizations should monitor web server logs for suspicious upload attempts and anomalous file creations. Network segmentation can limit the impact of a successful exploit by isolating the application server from sensitive backend systems. Until official patches are released, consider disabling the photo upload feature or replacing it with a safer alternative. Regularly update and audit the PHPGurukul software and underlying web server configurations. Implement web application firewalls (WAFs) with rules to detect and block malicious upload patterns. Educate administrators about the vulnerability and enforce the principle of least privilege for user accounts managing uploads.