CVE-2025-4898

Medium CVSS: 5.3

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects the function unlink of the file update_system.php of the component Logo File Handler. The manipulation of the argument old_logo leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Munyweki

Product

Student Result Management System

CWE

CWE-22

Yayın Tarihi

2025-05-18 22:15:18

Güncelleme

2025-05-21 19:37:41

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-22 Student Result Management System MEDIUM Munyweki 2025

Referanslar

https://magnificent-dill-351.notion.site/Arbitrary-File-Delete-in-SRMS-1-0-1f4c693918ed80de80b0e7925ddbdadc https://vuldb.com/?ctiid.309454 https://vuldb.com/?id.309454 https://vuldb.com/?submit.578036 https://www.sourcecodester.com/ https://magnificent-dill-351.notion.site/Arbitrary-File-Delete-in-SRMS-1-0-1f4c693918ed80de80b0e7925ddbdadc

Benzer Kayıtlar

Medium

CVE-2026-2984

A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function…

Medium

CVE-2026-2983

A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknow…

Medium

CVE-2026-2938

A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknow…

Medium

CVE-2025-5725

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. A…

Medium

CVE-2025-5724

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been classified as problematic.…

Medium

CVE-2025-5723

A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This iss…