CVE-2025-10600 is a vulnerability identified in SourceCodester Online Exam Form Submission version 1.0, specifically involving the /register.php file. The flaw arises from an unrestricted file upload vulnerability triggered by manipulation of the 'img' argument. This vulnerability allows an unauthenticated remote attacker to upload arbitrary files to the server without restriction. The unrestricted upload capability can be exploited to upload malicious files such as web shells or malware, potentially leading to remote code execution, server compromise, data theft, or further lateral movement within the affected environment. The vulnerability does not require any authentication or user interaction, making it easier to exploit. The CVSS 4.0 base score is 6.9 (medium severity), reflecting the network attack vector, low complexity, no privileges required, and no user interaction needed. The impact on confidentiality, integrity, and availability is rated low individually but combined can lead to significant compromise if exploited. No official patches have been published yet, and while no known exploits are reported in the wild, the exploit code has been made publicly available, increasing the risk of exploitation. The vulnerability affects only version 1.0 of the product, which is a niche online exam form submission system, likely deployed in educational or training institutions. Given the nature of the vulnerability, attackers could leverage it to gain unauthorized access to exam data, manipulate exam submissions, or disrupt exam processes, undermining the integrity of online assessments.

For European organizations, particularly educational institutions and certification bodies using SourceCodester Online Exam Form Submission 1.0, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to sensitive student or candidate data, including personal information and exam results, violating data protection regulations such as GDPR. The ability to upload arbitrary files could allow attackers to deploy web shells, leading to full server compromise, data exfiltration, or service disruption. This could result in reputational damage, legal liabilities, and operational downtime. Additionally, manipulation of exam data could undermine the credibility of certification processes, affecting trust in educational institutions. The medium severity rating suggests that while exploitation is feasible, the impact depends on the deployment context and the presence of compensating controls. Organizations in Europe with limited IT security resources or those using outdated versions of this software are particularly vulnerable. The lack of patches increases the urgency for mitigation.

Since no official patches are currently available, European organizations should implement immediate compensating controls. First, restrict access to the /register.php endpoint by IP whitelisting or VPN access to limit exposure to trusted users only. Implement web application firewalls (WAFs) with custom rules to detect and block suspicious file upload patterns, especially targeting the 'img' parameter. Conduct thorough input validation and sanitization on file uploads, enforcing strict file type, size, and content checks. Disable or restrict file execution permissions in the upload directories to prevent execution of malicious files. Monitor server logs for unusual upload activity or access patterns. If possible, isolate the affected application in a segmented network zone to limit lateral movement. Organizations should also plan for an upgrade or replacement of the vulnerable software and monitor vendor channels for official patches. Regular backups and incident response readiness are essential to mitigate potential damage from exploitation.