FoxCMS v.1.2.5 - Remote Code Execution

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component. id: CVE-2025-29306 info: name: FoxCMS v.1.2.5 - Remote Code Execution author: ritikchaddha severity: critical description: | An issue in FoxCMS v.1.2.5 allows a...

Exploit for Code Injection in Foxcms

Mass-CVE-2025-29306...

Exploit for Code Injection in Foxcms

Day06 — FoxCMS-style RCE CVE-2025-29306 — Educational lab T...

CVE-2022-29306

IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the idpage parameter in application/models/articlemodel.php...

Exploit for Code Injection in Foxcms

CVE-2025-29306 - FoxCMS Remote Code Execution Exploit !Pytho...

FoxCMS 1.2.5 - Remote Code Execution (RCE)

Date: 2025-04-17 Exploit Title: Exploit Author: VeryLazyTech Vendor Homepage: https://www.foxcms.org/ Software Link: https://www.foxcms.cn/ Version: FoxCMS v.1.2.5 Tested on: Ubuntu 22.04, Windows Server 2019 CVE: CVE-2025-29306 Website: https://www.verylazytech.com !/bin/bash banner cat " exit 1...

Exploit for Code Injection in Foxcms

POC - CVE-2025-29306 FOXCMS /images/index.html Code Execution...

CVE-2025-29306

creationtimestamp| type| source ---|---|--- 2025-03-27 20:50:25+00:00| seen| https://t.me/cvedetector/21333 2025-04-17 10:18:23+00:00| seen| https://bsky.app/profile/bilaltariq01.bsky.social/post/3lmyuweu2gf24 2025-04-18 13:44:02+00:00| seen|...

CVE-2025-29306

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component...

CVE-2023-29306

creationtimestamp| type| source ---|---|--- 2023-09-13 12:00:23+00:00| seen| https://t.me/truesecator/4841 2023-09-13 12:34:51+00:00| seen| https://t.me/cibsecurity/70369...

CVE-2023-29306

Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

CVE-2023-29306 Adobe Connect Reflected Cross-Site Scripting (XSS) Arbitrary code execution

Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

Adobe Connect <= 12.3.0 Multiple Arbitrary Code Execution Vulnerabilities (APSB23-33)

The version of Adobe Connect installed on the remote host is prior to 12.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb23-33 advisory. - Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacke...

CVE-2022-29306

IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the idpage parameter in application/models/articlemodel.php...

CVE-2022-29306

IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the idpage parameter in application/models/articlemodel.php...

CVE-2022-29306

IonizeCMS v1.0.8.1 is affected by a SQL injection in the id_page parameter of application/models/article_model.php (CVE-2022-29306). The vulnerability is confirmed by multiple sources in the connected documents, with CVSSv3.1 base score 9.8 (CRITICAL) and CVSSv2 base score 7.5 (HIGH), indicating ...