Foxcms
CVE-2025-29306
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.
AnalysisAI
FoxCMS version 1.2.5 contains an unauthenticated remote code execution vulnerability in the case display page of the index.html component. Attackers can inject and execute arbitrary PHP code on the server through crafted requests to the case display functionality.
Technical ContextAI
The case display functionality in FoxCMS processes user input through a template engine that fails to sanitize PHP code injection attempts. By submitting crafted content to the case display page, an attacker can inject PHP code that is evaluated server-side during template rendering. No authentication is required to access the vulnerable endpoint.
RemediationAI
Update FoxCMS to the latest version. Implement WAF rules blocking PHP code patterns in request parameters. Sanitize all template engine inputs to prevent code injection. Consider migrating to a more actively maintained CMS platform.
FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index() method at \controlle
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS v1.2.5 allows attackers
foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method. Rated c
FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. Rated high severity (CVSS 8.8), this
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus. Rated high severity (
foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php. R
An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to
An issue in the restores method (DataBackup.php) of foxcms v2.0.6 allows attackers to execute a directory traversal. Rat
Foxcms v1.25 contains a SQL time-based injection vulnerability in the installdb.php installation script, specifically in
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the column_model parameter in the app/admin/controller/Colum
FOXCMS <= V1.25 is vulnerable to SQL Injection via $param['title'] in /admin/util/Field.php. Rated high severity (CVSS 7
In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability. Rated high severity (CVSS
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today