246 matches found
📄 FoxCMS 1.0 Code Injection
FoxCMS version 1.0 proof of concept remote code injection exploit. ============================================================================================================================================= | Title : FoxCMS v1.0 php code innjection | | Author : indoushka | | Tested on : windows...
Exploit for Code Injection in Foxcms
🌐 CVE-2025-29306 Critical Remote Code Execution RCE in Fo...
CVE-2025-12920
A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12920
A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12920
A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12920 qianfox FoxCMS Product.php edit cross site scripting
A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12920 qianfox FoxCMS Product.php edit cross site scripting
A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-12920
FoxCMS up to 1.2.16 contains a cross-site scripting vulnerability in the add/edit path (app/admin/controller/Product.php, Title parameter). The issue can be triggered remotely and an exploit has been published; vendor did not respond. Affected versions should be updated to mitigate; as a workarou...
FoxCMS 代码注入漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. FoxCMS 1.2.16 and previous versions of the existence of cross-site scripting vulnerability, the vulnerability stems from the file app/admin/controller/Product.php parameter Title on the user-provided data...
PT-2025-45582
Name of the Vulnerable Software and Affected Versions qianfox FoxCMS versions up to 1.2.16 Description A cross-site scripting issue exists in the add/edit function of the app/admin/controller/Product.php file. Manipulation of the Title argument can trigger this issue. The attack can be initiated...
CVE-2025-11306
A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could...
EUVD-2025-32473
A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could...
CVE-2025-11306
A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could...
CVE-2025-11306
A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could...
CVE-2025-11306 qianfox FoxCMS Search cross site scripting
A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could...
CVE-2025-11306
FoxCMS (qianfox) up to version 1.2 contains a cross-site scripting flaw in the Search Page component, specifically in /index.php/Search where manipulation of the keyword parameter enables remote exploitation. Multiple sources (NVD, Red Hat, EUVD, CVE lists, and vendor/information aggregators) con...
PT-2025-40822
Name of the Vulnerable Software and Affected Versions qianfox FoxCMS versions up to 1.2 Description A cross site scripting issue exists in the Search Page component of qianfox FoxCMS. The issue is located in the /index.php/Search file and involves manipulation of the keyword argument. The exploit...
FoxCMS 安全漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS 1.2 and earlier versions, which stems from the incorrect operation of the parameter keyword in the file /index.php/Search, which may lead to a cross-site...
EUVD-2025-11560
Malicious code in bioql PyPI...
EUVD-2025-16731
Malicious code in bioql PyPI...