CVE-2025-5840

HIGH

SourceCodester Client DBMS 1.0 - Unrestricted Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-5840. PoCs published by haxerr9.

AI-analyzed exploit summary This exploit targets an arbitrary file upload vulnerability in a web application, allowing an attacker to upload a malicious PHP file (webshell) to the server. The PoC uses a POST request to upload a file with a PHP payload that executes system commands via a GET parameter.

Description

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to initiate the attack remotely.

Exploits (1)

nomisec WORKING POC

by haxerr9 · poc

https://github.com/haxerr9/CVE-2025-5840

View Code ZIP pw:eip

This exploit targets an arbitrary file upload vulnerability in a web application, allowing an attacker to upload a malicious PHP file (webshell) to the server. The PoC uses a POST request to upload a file with a PHP payload that executes system commands via a GET parameter.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Unknown web application (likely a custom or niche CMS with 'cdm' directory structure)

No auth needed

Prerequisites: Target must have the vulnerable endpoint '/cdm/user_update_customer_order.php' · Target must allow file uploads to the '/cdm/files/' directory · PHP must be executed on the target server

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →