61 matches found
CVE-2026-9609 QianFox FoxCMS Admin.php edit password recovery
A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...
PT-2026-43470
A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
EUVD-2025-15106
Malicious code in bioql PyPI...
EUVD-2025-5358
Malicious code in bioql PyPI...
EUVD-2025-5357
Malicious code in bioql PyPI...
EUVD-2024-51181
Malicious code in bioql PyPI...
EUVD-2025-18349
Malicious code in bioql PyPI...
EUVD-2024-51180
Malicious code in bioql PyPI...
EUVD-2025-23948
Malicious code in bioql PyPI...
CVE-2025-10251
A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
PT-2025-37181
Name of the Vulnerable Software and Affected Versions: FoxCMS versions prior to 1.24 Description: A SQL injection issue exists in FoxCMS due to the manipulation of the ids argument within the batchCope function located in the /app/admin/controller/Images.php file. This allows for remote...
CVE-2025-50692
FoxCMS =v1.2.5 is vulnerable to Code Execution in admin/templatefile/editFile.html...
CVE-2025-50692
FoxCMS =v1.2.5 is vulnerable to Code Execution in admin/templatefile/editFile.html...
PT-2025-32304 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: FoxCMS versions prior to 1.2.5 Description: FoxCMS is susceptible to code execution via the admin/template file/editFile.html endpoint. Recommendations: Update FoxCMS to a version later than 1.2.5...
CVE-2025-50692
FoxCMS =v1.2.5 is vulnerable to Code Execution in admin/templatefile/editFile.html...
CVE-2025-7568
A vulnerability was found in qianfox FoxCMS up to 1.2.5. It has been classified as critical. Affected is the function batchCope of the file app/admin/controller/Video.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2025-51650
An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file...
CVE-2025-51650
An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file...
CVE-2025-7568
A vulnerability was found in qianfox FoxCMS up to 1.2.5. It has been classified as critical. Affected is the function batchCope of the file app/admin/controller/Video.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
PT-2025-29417 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: FoxCMS versions up to 1.2.5 Description: A critical issue exists in FoxCMS that allows for remote SQL injection. The batchCope function within the app/admin/controller/Video.php file is affected. Manipulation of the ids argument can lead to...