CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

246 matches found

Vulnrichment•added 2025/04/17 12:0 a.m.•7 views

CVE-2025-29180

In FOXCMS =1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The urlprefix, domain, and mywebsite POST parameters are directly concatenated into SQL statements without filtering...

7.4AI score0.00317EPSS

Exploits0References1

Positive Technologies•added 2025/04/17 12:0 a.m.•6 views

PT-2025-17203 · Foxcms · Foxcms

Name of the Vulnerable Software and Affected Versions: FOXCMS versions 1.25 and earlier Description: The issue concerns a time-based blind SQL injection vulnerability in the installdb.php file. The url prefix, domain, and my website POST parameters are directly concatenated into SQL statements...

7.2CVSS7AI score0.00317EPSS

Exploits0References7

Packet Storm News•added 2025/04/17 12:0 a.m.•2 views

FoxCMS 1.2.5 Remote Code Execution

FoxCMS version 1.2.5 proof of concept remote code execution exploit...

9.8CVSS8.2AI score0.43655EPSS

Exploits11

RedhatCVE•added 2025/03/29 12:31 a.m.•16 views

CVE-2025-29306

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component...

9.8CVSS8.2AI score0.43655EPSS

Exploits11References1

NVD•added 2025/03/27 7:15 p.m.•20 views

CVE-2025-29306

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component...

9.8CVSS0.43655EPSS

Exploits11References1

OSV•added 2025/03/27 7:15 p.m.•4 views

CVE-2025-29306

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component...

9.8CVSS6.1AI score0.43655EPSS

Exploits11References1

CNNVD•added 2025/03/27 12:0 a.m.•8 views

FoxCMS 代码注入漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS version 1.2.5, which originates from the index.html component that allows execution of arbitrary code...

9.8CVSS6.8AI score0.43655EPSS

Exploits11References3

Vulnrichment•added 2025/03/27 12:0 a.m.•10 views

CVE-2025-29306

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component...

8.1AI score0.43655EPSS

Exploits11References1

Positive Technologies•added 2025/03/27 12:0 a.m.•6 views

PT-2025-13394

Name of the Vulnerable Software and Affected Versions FoxCMS version 1.2.5 Description An issue in FoxCMS allows a remote attacker to execute arbitrary code via the case display page in the index.html component. The vulnerability is related to a remote code execution issue. Recommendations For...

10CVSS8.1AI score0.43655EPSS

Exploits11References27

CVE•added 2025/03/27 12:0 a.m.•145 views

CVE-2025-29306

FoxCMS v1.2.5 (and older) contains CVE-2025-29306, a remote code execution via the id parameter on /images/index.html caused by unsafe handling of user input (unserialize()). Unauthenticated attackers can trigger arbitrary PHP code, potentially leading to full server compromise. Affected endpoint...

9.8CVSS7.6AI score0.43655EPSS

Exploits11References1Affected Software1

Cvelist•added 2025/03/27 12:0 a.m.•16 views

CVE-2025-29306

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component...

0.43655EPSS

Exploits11References1

RedhatCVE•added 2025/03/25 4:18 p.m.•20 views

CVE-2025-2653

A vulnerability was found in FoxCMS 1.25 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

5.3CVSS7.2AI score0.00303EPSS

Exploits0References1

GithubExploit•added 2025/03/25 8:12 a.m.•109 views

Exploit for Code Injection in Foxcms

CVE-2025-29306 FOXCMS Qianhu Content Management System Servi...

9.8CVSS5.9AI score0.43655EPSS

Exploits11

OSV•added 2025/03/23 4:15 p.m.•2 views

CVE-2025-2653

5.3CVSS4.8AI score0.00303EPSS

Exploits0References4

NVD•added 2025/03/23 4:15 p.m.•17 views

CVE-2025-2653

5.3CVSS0.00303EPSS

Exploits0References4

Vulnrichment•added 2025/03/23 3:31 p.m.•16 views

CVE-2025-2653 FoxCMS improper authorization

5.3CVSS7.1AI score0.00303EPSS

Exploits0References4

CVE•added 2025/03/23 3:31 p.m.•59 views

CVE-2025-2653

FoxCMS 1.25 is affected by CVE-2025-2653, which is described as an improper authorization vulnerability that can be exploited remotely. The connected sources consistently reference FoxCMS 1.25 and indicate a remote-attack vector with unknown details about the exact vulnerable component or entry p...

5.3CVSS4.7AI score0.00303EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/03/23 3:31 p.m.•20 views

CVE-2025-2653 FoxCMS improper authorization

5.3CVSS0.00303EPSS

Exploits0References4

CNNVD•added 2025/03/23 12:0 a.m.•3 views

FoxCMS 安全漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS Company. A security vulnerability exists in FoxCMS version 1.25, which originates from improper authorization...

5.3CVSS4.9AI score0.00303EPSS

Exploits0References4

RedhatCVE•added 2025/02/28 12:26 a.m.•8 views

CVE-2025-25789

FoxCMS v1.2.5 was discovered to contain a remote code execution RCE vulnerability via the index method at \controller\Sitemap.php...

9.8CVSS8.3AI score0.0146EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by