Sourcecodester · Sourcecodester Responsive E-Learning System · CVE-2025-10687
**Name of the Vulnerable Software and Affected Versions**
SourceCodester Responsive E-Learning System version 1.0
**Description**
A SQL injection issue exists in SourceCodester Responsive E-Learning System 1.0. The `Username` parameter in the `/admin/add teacher.php` file is susceptible to manipulation, potentially allowing for remote exploitation. The exploit has been publicly disclosed.
**Recommendations**
As a temporary workaround, restrict access to the `/admin/add teacher.php` file to minimize the risk of exploitation.
Sanitize the `Username` parameter before using it in SQL queries.