Onlne Examination Learning Management System
Monthly
Unrestricted file upload in SourceCodester's "Onlne Examination & Learning Management System" 1.0 (note: product name contains a known typo per CVE data) exposes the /announcements.php endpoint to arbitrary file upload by low-privileged authenticated users. A publicly available proof-of-concept, referenced under the title 'OE-LMS-RCE-3-announcements.md', demonstrates that the flaw can be leveraged for remote code execution - a significantly more severe real-world impact than the low CIA metrics in the provided CVSS 4.0 score suggest. No active exploitation (CISA KEV) has been confirmed, but the combination of low-complexity exploitation, a network-accessible vector, and a public POC elevates practical risk well above the 5.3 base score.
Unrestricted file upload in SourceCodester Onlne Examination & Learning Management System 1.0 (a PHP-based web application whose product name contains a documented typo - 'Onlne' rather than 'Online') permits remote low-privileged authenticated users to upload arbitrary files, including PHP webshells, via the /upload_files.php endpoint by exploiting inadequate extension validation in the pathinfo() function. Publicly available exploit code exists on GitHub, with the exploit document explicitly titled to reference remote code execution against this specific upload handler. No vendor-released patch has been identified, and the vulnerability is not listed in the CISA KEV catalog, though the public exploit materially lowers the barrier to exploitation.
Unrestricted file upload in SourceCodester Onlne Examination & Learning Management System 1.0 allows network-accessible, low-privilege attackers to upload arbitrary file types - including executable PHP webshells - via the `user_id` parameter in `/process_lesson.php`, with the publicly available proof-of-concept explicitly framed as a remote code execution chain. No CISA KEV listing exists, but a working exploit is publicly available on GitHub under the title 'OE-LMS-RCE-1'. The assigned CVSS 4.0 score of 2.1 with low-impact metrics materially understates the realistic impact; CWE-434 in PHP environments routinely enables full server compromise when uploads land in web-executable directories.
Privilege escalation in SourceCodester's Onlne Examination & Learning Management System 1.0 (the product name itself contains a typo - 'Onlne' instead of 'Online') exposes an unauthenticated registration endpoint at register.php where the role parameter is not server-side validated, allowing any remote actor to self-assign elevated privileges at account creation. A publicly available exploit has been published on Pastebin, confirming the attack is trivially reproducible. No CISA KEV listing exists, but the CVSS 4.0 E:P modifier and Pastebin reference corroborate working exploit availability; no vendor patch has been identified at time of analysis.
Unrestricted file upload in SourceCodester's "Onlne Examination & Learning Management System" 1.0 (note: product name contains a known typo per CVE data) exposes the /announcements.php endpoint to arbitrary file upload by low-privileged authenticated users. A publicly available proof-of-concept, referenced under the title 'OE-LMS-RCE-3-announcements.md', demonstrates that the flaw can be leveraged for remote code execution - a significantly more severe real-world impact than the low CIA metrics in the provided CVSS 4.0 score suggest. No active exploitation (CISA KEV) has been confirmed, but the combination of low-complexity exploitation, a network-accessible vector, and a public POC elevates practical risk well above the 5.3 base score.
Unrestricted file upload in SourceCodester Onlne Examination & Learning Management System 1.0 (a PHP-based web application whose product name contains a documented typo - 'Onlne' rather than 'Online') permits remote low-privileged authenticated users to upload arbitrary files, including PHP webshells, via the /upload_files.php endpoint by exploiting inadequate extension validation in the pathinfo() function. Publicly available exploit code exists on GitHub, with the exploit document explicitly titled to reference remote code execution against this specific upload handler. No vendor-released patch has been identified, and the vulnerability is not listed in the CISA KEV catalog, though the public exploit materially lowers the barrier to exploitation.
Unrestricted file upload in SourceCodester Onlne Examination & Learning Management System 1.0 allows network-accessible, low-privilege attackers to upload arbitrary file types - including executable PHP webshells - via the `user_id` parameter in `/process_lesson.php`, with the publicly available proof-of-concept explicitly framed as a remote code execution chain. No CISA KEV listing exists, but a working exploit is publicly available on GitHub under the title 'OE-LMS-RCE-1'. The assigned CVSS 4.0 score of 2.1 with low-impact metrics materially understates the realistic impact; CWE-434 in PHP environments routinely enables full server compromise when uploads land in web-executable directories.
Privilege escalation in SourceCodester's Onlne Examination & Learning Management System 1.0 (the product name itself contains a typo - 'Onlne' instead of 'Online') exposes an unauthenticated registration endpoint at register.php where the role parameter is not server-side validated, allowing any remote actor to self-assign elevated privileges at account creation. A publicly available exploit has been published on Pastebin, confirming the attack is trivially reproducible. No CISA KEV listing exists, but the CVSS 4.0 E:P modifier and Pastebin reference corroborate working exploit availability; no vendor patch has been identified at time of analysis.