CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1590 – SourceCodester E-Learning System List of Lessons Page index.php unrestricted upload
https://notcve.org/view.php?id=CVE-2025-1590
23 Feb 2025 — A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. • https://vuldb.com/?ctiid.296574 • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1589 – SourceCodester E-Learning System User Registration register.php cross site scripting
https://notcve.org/view.php?id=CVE-2025-1589
23 Feb 2025 — A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Eine problematische Schwachstelle wurde in SourceCodester E-Learning System 1.0 gefunden. • https://vuldb.com/?ctiid.296573 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4349 – SourceCodester Pisay Online E-Learning System controller.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-4349
30 Apr 2024 — A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/CveSecLook/cve/issues/19 • CWE-434: Unrestricted Upload of File with Dangerous Type •