CVE-2025-0800

CWE-79Cross-site Scripting (XSS)CWE-94Code InjectionCWE-787Out-of-bounds Write4 documents4 sources
Severity
5.1MEDIUM
EPSS
0.0%
top 89.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Online CoursewareArgie Online Courseware
Timeline
PublishedJan 29

Description

A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. The manipulation of the argument fname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SourceCodester Online Courseware Edit Teacher saveeditt.php cross site scripting2025-01-29
GHSA
GHSA-c24w-3q8v-xmvp: A vulnerability classified as problematic has been found in SourceCodester Online Courseware 12025-01-29

📋Vendor Advisories

1
Microsoft
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the f2023-02-14
CVE-2025-0800 (MEDIUM CVSS 5.1) | A vulnerability classified as probl | cvebase.io