CVE-2025-4807 — Exposure of Information Through Directory Listing in Online Student Clearance System

CWE-548 — Exposure of Information Through Directory Listing CWE-552 — Files or Directories Accessible to External Parties CWE-22 — Path Traversal CWE-440 — Expected Behavior Violation4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

1.6%

top 18.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Online Student Clearance System Senior-walter Online Student Clearance System

Timeline

PublishedMay 16

Description

A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1.0. This affects an unknown part. The manipulation leads to exposure of information through directory listing. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/online_student_clearance_system1.0

▶NVDsenior-walter/online_student_clearance_system1.0

🔴Vulnerability Details

CVEList

SourceCodester Online Student Clearance System exposure of information through directory listing↗2025-05-16

▶

GHSA

GHSA-42jj-4cc5-rm9v: A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1↗2025-05-16

▶

📋Vendor Advisories

Microsoft

POLY1305 MAC implementation corrupts XMM registers on Windows↗2023-09-12

▶