Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

246 matches found

NVD
NVDadded 2025/09/11 1:15 p.m.5 views

CVE-2025-10251

A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

9.8CVSS0.00336EPSS
Exploits1References4
OSV
OSVadded 2025/09/11 1:15 p.m.6 views

CVE-2025-10251

A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

9.8CVSS5.7AI score0.00336EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/09/11 1:2 p.m.6 views

CVE-2025-10251 FoxCMS Images.php batchCope sql injection

A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

6.5CVSS0.00336EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/09/11 1:2 p.m.4 views

CVE-2025-10251 FoxCMS Images.php batchCope sql injection

A vulnerability was detected in FoxCMS up to 1.24. Affected by this issue is the function batchCope of the file /app/admin/controller/Images.php. The manipulation of the argument ids results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

6.5CVSS6.7AI score0.00336EPSS
Exploits1References4
CVE
CVEadded 2025/09/11 1:2 p.m.15 views

CVE-2025-10251

FoxCMS

9.8CVSS6.7AI score0.00336EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2025/09/11 12:0 a.m.2 views

FoxCMS 安全漏洞

FoxCMS is a PHP-based content management system that provides web content management and publishing functions. A SQL injection vulnerability exists in FoxCMS 1.24 and earlier versions, which originates from the batchCope function in the /app/admin/controller/Images.php file that does not securely...

9.8CVSS7.7AI score0.00336EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/09/11 12:0 a.m.5 views

PT-2025-37181

Name of the Vulnerable Software and Affected Versions: FoxCMS versions prior to 1.24 Description: A SQL injection issue exists in FoxCMS due to the manipulation of the ids argument within the batchCope function located in the /app/admin/controller/Images.php file. This allows for remote...

6.5CVSS6.6AI score0.00336EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2025/09/10 12:34 a.m.58 views

CVE-2025-56630

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...

7.3CVSS8.1AI score0.00201EPSS
Exploits0References1
NVD
NVDadded 2025/09/08 3:15 p.m.3 views

CVE-2025-56630

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...

7.3CVSS0.00201EPSS
Exploits0References1
OSV
OSVadded 2025/09/08 3:15 p.m.2 views

CVE-2025-56630

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...

7.3CVSS5.9AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/08 12:0 a.m.7 views

CVE-2025-56630

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...

0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/08 12:0 a.m.4 views

CVE-2025-56630

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the columnmodel parameter in the app/admin/controller/Column.php file...

7.5AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/09/08 12:0 a.m.3 views

FoxCMS 安全漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS v1.2.5 and earlier versions, which originates from SQL injection of columnmodel parameter in app/admin/controller/Column.php file...

7.3CVSS7.8AI score0.00201EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/08 12:0 a.m.4 views

PT-2025-36470

Name of the Vulnerable Software and Affected Versions: FoxCMS versions prior to 1.2.6 Description: FoxCMS is susceptible to a SQL Injection issue through the column model parameter located in the app/admin/controller/Column.php file. Recommendations: Update FoxCMS to version 1.2.6 or later...

7.3CVSS7.3AI score0.00201EPSS
Exploits0References5
CVE
CVEadded 2025/09/08 12:0 a.m.11 views

CVE-2025-56630

FoxCMS v1.2.5 and earlier are affected by an SQL Injection in the column_model parameter of app/admin/controller/Column.php. The vulnerability arises from improper handling of input in this file, enabling attacker-controlled SQL execution. CVSSv3.1 base score is 7.3 (HIGH) with Network attack vec...

7.3CVSS7.5AI score0.00201EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/09/05 12:35 a.m.10 views

CVE-2025-56435

SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...

5.3CVSS8.7AI score0.00329EPSS
Exploits1References1
NVD
NVDadded 2025/09/03 4:15 p.m.7 views

CVE-2025-56435

SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...

5.3CVSS0.00329EPSS
Exploits1References1
OSV
OSVadded 2025/09/03 4:15 p.m.3 views

CVE-2025-56435

SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...

5.3CVSS6.3AI score0.00329EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/09/03 12:0 a.m.2 views

FoxCMS 安全漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS v1.2.6 and earlier versions, which originates from the incorrect operation of the parameter id in the file /DataBackup.php leading to SQL injection...

5.3CVSS7.1AI score0.00329EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/09/03 12:0 a.m.8 views

CVE-2025-56435

SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id...

0.00329EPSS
Exploits1References1
Rows per page
Query Builder