CVE-2021-25200 - Learning Management System Project Learning Management System
Critical 9.8
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.
Affected software
Learning Management System Project Learning Management System