CVE-2025-1590

Name of the Vulnerable Software and Affected Versions SourceCodester E-Learning System version 1.0

Description A critical issue has been found, affecting an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. This issue leads to unrestricted upload and can be exploited remotely.

Recommendations For SourceCodester E-Learning System version 1.0, consider restricting access to the /admin/modules/lesson/index.php file to prevent remote exploitation until a fix is available. Additionally, monitor upload activities closely to detect and prevent potential unauthorized uploads. At the moment, there is no information about a newer version that contains a fix for this vulnerability.