SourceCodester Student Result Management System Path Traversal Vulnerability in Logo File Handler

Vulnerability

A critical path traversal vulnerability has been identified in SourceCodester Student Result Management System version 1.0. The issue arises in the Logo File Handler component, specifically within the unlink function of the update_system.php file. The vulnerability allows remote attackers to manipulate the old_logo argument, potentially leading to arbitrary file deletion.

Impact

Exploitation of this vulnerability could result in arbitrary file deletion on the server.
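
A defensive sketch of the deletion step, added here as an example and not taken from update_system.php or the SourceCodester project: it confines the old_logo value to a single logo directory before unlink is called. The helper name safe_delete_old_logo, the directory argument and the extension allowlist are assumptions for illustration.

```php
<?php
// Added example: hypothetical helper, not the application's own code.
// Assumption: all logos live in one dedicated directory ($logoDir).

function safe_delete_old_logo(string $logoDir, string $oldLogo): bool
{
    // Reject empty values and embedded NUL bytes outright.
    if ($oldLogo === '' || strpos($oldLogo, "\0") !== false) {
        return false;
    }

    // Keep only the final path component, so directory parts are discarded.
    $name = basename(str_replace('\\', '/', $oldLogo));
    if ($name === '' || $name === '.' || $name === '..') {
        return false;
    }

    // Only image files may be deleted through this path (assumed allowlist).
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if (!in_array($ext, ['png', 'jpg', 'jpeg', 'gif'], true)) {
        return false;
    }

    // Resolve both paths; realpath() follows symlinks and fails on missing files.
    $base   = realpath($logoDir);
    $target = realpath($logoDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $target === false) {
        return false;
    }

    // Containment check: the resolved file must sit directly inside the logo directory.
    if (dirname($target) !== $base || !is_file($target)) {
        return false;
    }

    return unlink($target);
}

// Constructed demo in a throwaway temp directory.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'logo_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'old.png', 'x');
var_dump(safe_delete_old_logo($dir, 'old.png'));        // a legitimate logo name
var_dump(safe_delete_old_logo($dir, '../config.php'));  // a traversal-style value
rmdir($dir);
```

A stricter design does not accept the old logo name from the request at all and instead reads the current logo filename from the server-side settings record before deleting it.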

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.0
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.