CVE-2025-60500

Alias:

Overview

QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permits uploading of arbitrary PHP files, which are stored in a web...

Critical

Low

Medium

No items found.

Severity / CVSS Score: (Critical)

CWE:

Discovery date: October 21, 2025

Authentication required: NoneYes

Attack Vector: None

CVE-2025-60500

Overview

Affected Components

Kodem Deep Dive

Stop the waste.
Protect your environment with Kodem.

CVE-2025-60500

Overview

Affected Components

Kodem Deep Dive

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.