246 matches found
CVE-2025-45239
An issue in the restores method DataBackup.php of foxcms v2.0.6 allows attackers to execute a directory traversal...
CVE-2025-45239
An issue in the restores method DataBackup.php of foxcms v2.0.6 allows attackers to execute a directory traversal...
CVE-2025-45238
foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method...
CVE-2025-45238
foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method...
CVE-2025-45240
foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php...
CVE-2025-45240
foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php...
CVE-2025-45240
foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php...
CVE-2025-45240
foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php...
CVE-2025-45239
An issue in the restores method DataBackup.php of foxcms v2.0.6 allows attackers to execute a directory traversal...
CVE-2025-45239
FoxCMS v2.0.6 contains a vulnerability in the restores method of DataBackup.php that allows a directory traversal attack. The issue stems from improper handling in the restores logic, enabling access to filesystem paths beyond the intended directory. Documented impact is limited to information ex...
CVE-2025-45238
foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method...
FoxCMS 安全漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS v1.2.5, which originates from improper handling of the executeCommand method in DataBackup.php, which may lead to SQL injection attacks...
FoxCMS 安全漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS v2.0.6, which originates from improper handling of the restores method in DataBackup.php, which may lead to a directory traversal attack...
PT-2025-19754 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: foxcms version 2.0.6 Description: An issue in the restores method of DataBackup.php allows attackers to execute a directory traversal. Recommendations: For foxcms version 2.0.6, consider restricting access to the restores method in...
CVE-2025-45238
FoxCMS v1.2.5 is affected by an arbitrary file deletion vulnerability via the delRestoreSerie method. The issue stems from the delRestoreSerie functionality and can lead to deletion of arbitrary files, as described across multiple sources (including Red Hat and PT Security advisories). The vulner...
PT-2025-19729 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: foxcms version 1.2.5 Description: The issue is a SQL injection vulnerability via the executeCommand method in DataBackup.php. This vulnerability allows for potential SQL injection attacks. Recommendations: For foxcms version 1.2.5, consider...
CVE-2025-45239
An issue in the restores method DataBackup.php of foxcms v2.0.6 allows attackers to execute a directory traversal...
CVE-2025-45240
FoxCMS v1.2.5 contains a SQL injection vulnerability in the executeCommand method of DataBackup.php (CVE-2025-45240). Affects foxcms 1.2.5; impact described as likely SQL injection with low to moderate confidentiality/integity impact and no availability impact per CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:...
PT-2025-19753 · Foxcms · Foxcms
Name of the Vulnerable Software and Affected Versions: foxcms version 1.2.5 Description: The issue is related to an arbitrary file deletion vulnerability. This vulnerability can be exploited via the delRestoreSerie method. Recommendations: For foxcms version 1.2.5, consider disabling the...
CVE-2025-45238
foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method...