CVE-2026-5546

MEDIUM WAF: Medium

CVSS 6.3 Published: 2026-04-05

CWE-434

A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function add_lesson of the file /application/models/Crud_model.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and may be used.

WAF Coverage Analysis

Unrestricted File Upload Medium WAF Coverage

OWASP: A04:2021 Insecure Design

930xxx - Local File Inclusion

References

github.com
vuldb.com
vuldb.com
vuldb.com
www.campcodes.com

Back to CVE Database