Share:

CVE-2021-25200

Severe 9.8

Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.

Published July 30, 2021.

Affected software

Learning Management System Project Learning Management System

Get alerts for Learning Management System Project Learning Management System

Reference links

https://github.com/TCSWT/Learning-Management-System/blob/main/README.md