246 matches found
CVE-2025-10251
A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-10251
A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-10251 FoxCMS Images.php batchCope sql injection
A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-10251
FoxCMS
CVE-2025-10251 FoxCMS Images.php batchCope sql injection
A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
FoxCMS 安全漏洞
FoxCMS is a PHP-based content management system that provides web content management and publishing functions. A SQL injection vulnerability exists in FoxCMS 1.24 and earlier versions, which originates from the batchCope function in the /app/admin/controller/Images.php file that does not securely...
PT-2025-37181
Name of the Vulnerable Software and Affected Versions: FoxCMS versions prior to 1.24 Description: A SQL injection issue exists in FoxCMS due to the manipulation of the ids argument within the batchCope function located in the /app/admin/controller/Images.php file. This allows for remote...
CVE-2025-56630
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...
CVE-2025-56630
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...
CVE-2025-56630
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...
CVE-2025-56630
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...
FoxCMS 安全漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS v1.2.5 and earlier versions, which originates from SQL injection of columnmodel parameter in app/admin/controller/Column.php file...
CVE-2025-56630
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...
CVE-2025-56630
FoxCMS v1.2.5 and earlier are affected by an SQL Injection in the column_model parameter of app/admin/controller/Column.php. The vulnerability arises from improper handling of input in this file, enabling attacker-controlled SQL execution. CVSSv3.1 base score is 7.3 (HIGH) with Network attack vec...
PT-2025-36470
Name of the Vulnerable Software and Affected Versions: FoxCMS versions prior to 1.2.6 Description: FoxCMS is susceptible to a SQL Injection issue through the column model parameter located in the app/admin/controller/Column.php file. Recommendations: Update FoxCMS to version 1.2.6 or later...
CVE-2025-56435
SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...
CVE-2025-56435
SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...
CVE-2025-56435
SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...
CVE-2025-56435
SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...
CVE-2025-56435
SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...