Server-Side Request Forgery in SourceCodester Link Status Checker by SourceCodester
CVE-2025-10410

5.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Link Status Checker
Vendor
CVE Published:
14 September 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-10410?

A security vulnerability exists in the SourceCodester Link Status Checker 1.0, located in the index.php file. This flaw stems from improper handling of the 'proxy' argument, enabling a potential attacker to execute server-side request forgery (SSRF) attacks remotely. With this vulnerability, unauthorized actions may be performed by tricking the server into sending requests on behalf of the attacker. Due to public disclosure, this exploit poses a significant risk, urging immediate attention and remediation.

Affected Version(s)

Link Status Checker 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-10410 - Proof of Concept

References

https://vuldb.com/?id.323844
vdb-entrytechnical-description
https://vuldb.com/?ctiid.323844
signaturepermissions-required
https://vuldb.com/?submit.646911
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

drewbyte (VulDB User)
.
CVE-2025-10410 : Server-Side Request Forgery in SourceCodester Link Status Checker by SourceCodester