CVE-2025-1590

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Feb 23, 2025

Updated: Feb 28, 2025

CWE ID 434

CWE ID 284

Summary

CVE-2025-1590 is a newly discovered critical vulnerability in the SourceCodester E-Learning System 1.0. This issue affects an unidentified function of the /admin/modules/lesson/index.php file in the component List of Lessons Page. An attacker can exploit this vulnerability to carry out unrestricted file uploads, which may allow for code injection or other malicious activities. Since this can be executed remotely, the risk posed by this vulnerability is significant. Organizations using this E-Learning System are strongly advised to apply the necessary patches as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database