CVE-2025-6477 – SourceCodester Student Result Management System Cross-Site Scripting Vulnerability

June 22, 2025

CVE ID : CVE-2025-6477

Published : June 22, 2025, 1:15 p.m. | 28 minutes ago

Description : A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /script/admin/system of the component System Settings Page. The manipulation of the argument School Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous Article“We’re creating a game that’s steeped in dark fantasy elements” — Capcom talks building a samurai adventure with Onimusha: Way of the Sword

Next Article CVE-2025-6476 – SourceCodester Gym Management System Cross-Site Request Forgery Vulnerability

Highlights

CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

May 30, 2025

CVE ID : CVE-2025-48875

Published : May 30, 2025, 7:15 a.m. | 2 hours, 21 minutes ago

Description : FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system’s incorrect validation of last_name and first_name during profile data updates allows for the injection of arbitrary JavaScript code, which will be executed in a flesh-message when the data is deleted, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This issue has been patched in version 1.8.181.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

DistroWatch Weekly, Issue 1127

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Understanding JavaScript Promise

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

CVE-2025-6477 – SourceCodester Student Result Management System Cross-Site Scripting Vulnerability

WordPress Motors theme flaw mass-exploited to hijack admin accounts

Weekly Cybersecurity News Recap – Top Vulnerabilities, Threat and Data Breaches

Data Cloud Workshop: From Readiness to Results

Talk to more users sooner

CVE-2025-5097 – CVE-2022-36466: Apache HTTP Server XML Entity Injection Vulnerability

CVE-2025-1327 – “Homey WordPress Theme Insecure Direct Object Reference Vulnerability”

CVE-2025-48875 – FreeScout Cross-Site Scripting (XSS) Vulnerability

CVE-2025-4150 – Netgear EX6200 Remote Buffer Overflow

New Xbox games launching this week, from April 14 through April 20: Explore photography, puzzles, and more

CVE-2025-4747 – NetDragon Firewall Command Injection Vulnerability

CVE-2025-6477 – SourceCodester Student Result Management System Cross-Site Scripting Vulnerability

Related Posts