Vulnerabilities > Learning Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-30 | CVE-2021-25200 | Unrestricted Upload of File with Dangerous Type vulnerability in Learning Management System Project Learning Management System 1.0 Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php. | 9.8 |
| 2021-07-23 | CVE-2021-25201 | SQL Injection vulnerability in Learning Management System Project Learning Management System 1.0 SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information. | 7.5 |