
CVE-2025-5840 PoC — SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

Associated Vulnerability
Title: SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload (CVE-2025-5840)
Description: A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to initiate the attack remotely.
Description
CVE-2025-5840 Exploit Written In Python By haxerr9
Readme
# CVE-2025-5840
CVE-2025-5840 Exploit In Python By hax / haxerr9

# How To Use:
- Make sure Python3 is installed on the system.
- Run `python3 CVE-2025-5840.py [URL] -c [COMMAND]`.

Don't forget to give it parameters before running the script.

# Example Use:
![Screenshot_20250608_180010](https://github.com/user-attachments/assets/f2bb86ea-86a9-4550-8057-cc2826ad0542)

# NOT TESTED
This exploit has not been tested in a lab environment. Please open an issue if it is not working (only in cases where you are sure the system / server is vulnerable and the exploit still fails) and let me know.

# IMPORTANT NOTICE:
This exploit is written for educational purposes only. Only use it for education or in environments you own or have explicit permission to test. Unauthorized use against systems you do not own is illegal and unethical. Use at your own risk. The author of this exploit (hax / haxerr9) takes NO responsibility for any damage caused by the use or misuse of this code.
File Snapshot

[4.0K] /data/pocs/9d9eca2cb4590044bea60f774e6ac4007a232943
├── [1.4K] CVE-2025-5840.py
└── [ 964] README.md

0 directories, 2 files