7 matches found
EUVD-2025-13452
Malicious code in bioql PyPI...
CVE-2025-5155
A vulnerability has been found in qianfox FoxCMS 1.2.5 and classified as critical. Affected by this vulnerability is the function batchCope of the file app/admin/controller/Article.php. The manipulation of the argument ids leads to SQL injection. The attack can be launched remotely. The exploit h...
PT-2025-22867 · Qianfox · Foxcms
Name of the Vulnerable Software and Affected Versions: qianfox FoxCMS version 1.2.5 Description: A critical issue has been found in the batchCope function of the app/admin/controller/Article.php file. The manipulation of the ids argument leads to SQL injection. This issue can be exploited remotel...
PT-2025-19729 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: foxcms version 1.2.5 Description: The issue is a SQL injection vulnerability via the executeCommand method in DataBackup.php. This vulnerability allows for potential SQL injection attacks. Recommendations: For foxcms version 1.2.5, consider...
CVE-2025-45238
foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method...
CVE-2025-45238
FoxCMS v1.2.5 is affected by an arbitrary file deletion vulnerability via the delRestoreSerie method. The issue stems from the delRestoreSerie functionality and can lead to deletion of arbitrary files, as described across multiple sources (including Red Hat and PT Security advisories). The vulner...
PT-2025-13394
Name of the Vulnerable Software and Affected Versions: FoxCMS version 1.2.5 Description: An issue in FoxCMS allows a remote attacker to execute arbitrary code via the case display page in the index.html component. The vulnerability is related to a remote code execution issue. Recommendations: For...