CVE-2025-4898 – SourceCodester Student Result Management System Logo File Handler Remote Path Traversal Vulnerability

May 18, 2025

CVE ID : CVE-2025-4898

Published : May 18, 2025, 10:15 p.m. | 2 hours, 9 minutes ago

Description : A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects the function unlink of the file update_system.php of the component Logo File Handler. The manipulation of the argument old_logo leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4899 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Next Article CVE-2025-4897 – Tenda A15 HTTP POST Request Handler Buffer Overflow

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

NVIDIA’s latest driver fixes some big issues with DOOM: The Dark Ages

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Universal Design and Global Accessibility Awareness Day (GAAD)

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

CVE-2025-4898 – SourceCodester Student Result Management System Logo File Handler Remote Path Traversal Vulnerability

ESET APT Activity Report Q4 2024–Q1 2025

The who, where, and how of APT attacks in Q4 2024–Q1 2025

What is SRE? A Beginner’s Guide to Site Reliability Engineering

New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP

A Beginners Guide to Using Visual Studio Code for Python

Smashing Security podcast #396: Dishy DDoS dramas, and mining our minds for data

US Health Insurance Website HealthCare.gov Hacked Again? 7,500 Users Potentially Affected

Every product Samsung unveiled at Unpacked July 2024: Galaxy Z Fold 6, Watch Ultra, Ring, more

Distributor of ANOM Encrypted Devices Sentenced to Over 5 Years in Prison

BlackBasta Ransomware Gang Claims Cyberattack on Key Benefit Administrators, Scrubs & Beyond

CVE-2025-4898 – SourceCodester Student Result Management System Logo File Handler Remote Path Traversal Vulnerability

Related Posts