ГлавнаяУязвимости → CVE-2025-29180
7.2высокая

CVE-2025-29180

Описание

In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The url_prefix, domain, and my_website POST parameters are directly concatenated into SQL statements without filtering.

Затрагиваемое ПО
Foxcms Foxcms
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://gist.github.com/X1lyS/5075ba1e6bebff26fcd58609493fd5f2