Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13452

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00258EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25450

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.0046EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-11559

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.00317EPSS
Exploits0References1
CVE
CVE
added 2025/09/03 12:0 a.m.15 views

CVE-2025-56435

FoxCMS

5.3CVSS8.2AI score0.00329EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/08/27 12:0 a.m.9 views

CVE-2025-55422

In FoxCMS 1.2.6, there is a reflected Cross Site Scripting XSS vulnerability in /index.php/plus...

0.00407EPSS
Exploits1References2
NVD
NVD
added 2025/08/25 4:15 p.m.4 views

CVE-2025-55409

FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code...

8.8CVSS0.00476EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/08/25 12:0 a.m.2 views

CVE-2025-55409

FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code...

6.7AI score0.00476EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.4 views

PT-2025-34666 · Foxcms · Foxcms

Name of the Vulnerable Software and Affected Versions: FoxCMS version 1.2.6 Description: FoxCMS version 1.2.6 contains a Cross Site Scripting issue in the /index.php/article endpoint. This allows attackers to execute arbitrary code. Recommendations: As a temporary workaround, consider restricting...

8.8CVSS6.7AI score0.00476EPSS
Exploits1References5
NVD
NVD
added 2025/08/21 4:15 p.m.5 views

CVE-2025-55420

A Reflected Cross Site Scripting XSS vulnerability was found in /index.php in FoxCMS v1.2.6. When a crafted script is sent via a GET request, it is reflected unsanitized into the HTML response. This permits execution of arbitrary JavaScript code when a logged-in user submits the malicious input...

8.8CVSS0.0046EPSS
Exploits1References1
NVD
NVD
added 2025/06/03 2:15 p.m.7 views

CVE-2025-46154

Foxcms v1.25 has a SQL time injection in the $POST'dbname' parameter of installdb.php...

8.4CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/03 12:0 a.m.6 views

CVE-2025-46154

Foxcms v1.25 has a SQL time injection in the $POST'dbname' parameter of installdb.php...

8.9AI score0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/03 12:0 a.m.5 views

PT-2025-23616 · Foxcms · Foxcms

Name of the Vulnerable Software and Affected Versions: Foxcms version 1.25 Description: The issue is related to a SQL time injection in the installdb.php script, specifically affecting the $ POST'dbname' parameter. This allows for potential exploitation. Recommendations: For Foxcms version 1.25,...

8.4CVSS7.1AI score0.00196EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/27 7:31 p.m.14 views

CVE-2025-5155

A vulnerability has been found in qianfox FoxCMS 1.2.5 and classified as critical. Affected by this vulnerability is the function batchCope of the file app/admin/controller/Article.php. The manipulation of the argument ids leads to sql injection. The attack can be launched remotely. The exploit h...

8.8CVSS7.2AI score0.00405EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/25 12:0 a.m.5 views

PT-2025-22867 · Qianfox · Foxcms

Name of the Vulnerable Software and Affected Versions: qianfox FoxCMS version 1.2.5 Description: A critical issue has been found in the batchCope function of the app/admin/controller/Article.php file. The manipulation of the ids argument leads to SQL injection. This issue can be exploited remotel...

8.8CVSS6.7AI score0.00405EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/05/07 12:24 a.m.18 views

CVE-2025-45239

An issue in the restores method DataBackup.php of foxcms v2.0.6 allows attackers to execute a directory traversal...

5.3CVSS7.2AI score0.00702EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/07 12:24 a.m.20 views

CVE-2025-45240

foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php...

6.5CVSS8.3AI score0.00258EPSS
Exploits1References1
CVE
CVE
added 2025/05/05 12:0 a.m.59 views

CVE-2025-45238

FoxCMS v1.2.5 is affected by an arbitrary file deletion vulnerability via the delRestoreSerie method. The issue stems from the delRestoreSerie functionality and can lead to deletion of arbitrary files, as described across multiple sources (including Red Hat and PT Security advisories). The vulner...

9.1CVSS7.2AI score0.00566EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.4 views

PT-2025-19729 · Foxcms · Foxcms

Name of the Vulnerable Software and Affected Versions: foxcms version 1.2.5 Description: The issue is a SQL injection vulnerability via the executeCommand method in DataBackup.php. This vulnerability allows for potential SQL injection attacks. Recommendations: For foxcms version 1.2.5, consider...

6.5CVSS7AI score0.00258EPSS
Exploits1References8
Cvelist
Cvelist
added 2025/05/05 12:0 a.m.14 views

CVE-2025-45238

foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method...

0.00566EPSS
Exploits1References2
NVD
NVD
added 2025/04/17 5:15 p.m.29 views

CVE-2025-29181

FOXCMS = V1.25 is vulnerable to SQL Injection via $param'title' in /admin/util/Field.php...

7.2CVSS0.00317EPSS
Exploits0References1
Rows per page
Query Builder