CVE-2018-25162

MEDIUM

2-Plan Team 1.0.4 - Authenticated RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25162. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary: This exploit demonstrates an arbitrary file upload vulnerability in 2-Plan Team 1.0.4, allowing an attacker to upload a malicious PHP file via a crafted multipart/form-data POST request to managefile.php. The uploaded file is then accessible via a predictable path, leading to remote code execution.

Description

2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. Attackers can upload PHP files through the userfile1 parameter with action=upload, which are stored in the files directory and executed by the web server for remote code execution.

Exploits (1)

exploitdb WORKING POC
by Ihsan Sencan · text · webapps · php
https://www.exploit-db.com/exploits/45878


Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: 2-Plan Team 1.0.4
Auth required
Prerequisites: valid PHPSESSID cookie · access to the managefile.php endpoint
devstral-2 · analyzed Mar 06, 2026

References (2)

Core 2
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/45878

Scores

CVSS v3 6.5
EPSS 0.0044
EPSS Percentile 35.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-434
Status published
Published Mar 06, 2026
Tracked Since Mar 06, 2026