PT-2025-38224 · Sourcecodester · Sourcecodester Online Exam Form Submission
Quchunyi2
·
Published
2025-09-17
·
Updated
2025-09-18
·
CVE-2025-10600
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SourceCodester Online Exam Form Submission version 1.0
Description
A flaw exists in SourceCodester Online Exam Form Submission that allows for unrestricted file upload. The issue is related to the manipulation of the
img argument within the /register.php file. This manipulation impacts an unknown function. The attack can be initiated remotely, and an exploit has been published.Recommendations
As a temporary workaround, restrict access to the
/register.php file.
Address the manipulation of the img argument within the affected function.Exploit
Fix
Improper Access Control
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sourcecodester Online Exam Form Submission