Unrestricted File Upload Vulnerability in SourceCodester Client Database Management System
CVE-2025-5840
6.9 MEDIUM
Key Information:
- Vendor: Sourcecodester
- CVE Published: 7 June 2025
What is CVE-2025-5840?
The SourceCodester Client Database Management System version 1.0 contains a vulnerability in the '/user_update_customer_order.php' file that allows unauthorized users to upload files. This unrestricted file upload flaw can be exploited remotely, posing a significant risk to systems utilizing the software. Proper validation and sanitization of file inputs are critical to mitigate such vulnerabilities and protect sensitive data.
Affected Version(s)
Client Database Management System 1.0