Skip to main content

E Learning System

3 CVEs product

Monthly

CVE-2025-1590 MEDIUM This Month

A vulnerability was found in SourceCodester E-Learning System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass File Upload E Learning System
NVD VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-1589 MEDIUM This Month

A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic.php of the component User Registration Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS E Learning System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2021-3239 CRITICAL POC THREAT Act Now

E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE E Learning System
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
17.9%
EPSS 0% CVSS 5.1
MEDIUM This Month

A vulnerability was found in SourceCodester E-Learning System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass File Upload +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic.php of the component User Registration Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS E Learning System
NVD VulDB
EPSS 18% CVSS 9.8
CRITICAL POC THREAT Act Now

E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE E Learning System
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy