216.73.216.170

CVE-2025-1590

· Published 23/02/2025 19:15 · Modified 28/02/2025 19:29

Labels: CVE-2025-1590 2025-02-23CVE-2025-1590CWE-284CWE-434[email protected]

Essential information

Published
23/02/2025 19:15
Modified
28/02/2025 19:29
Author
Creator
CVSS
4.7 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CVSS metrics

Description

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
janobe / e-learning system cpe:2.3:a:janobe:e-learning_system:1.0:*:*:*:*:*:*:*

References