CVE-2025-2653

Medium CVSS: 5.3

A vulnerability was found in FoxCMS 1.25 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Vendor

Qianfox

Product

Foxcms

CWE

CWE-266

Yayın Tarihi

2025-03-23 16:15:13

Güncelleme

2025-07-16 15:04:44

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Foxcms MEDIUM Qianfox 2025

Referanslar

https://vuldb.com/?ctiid.300668 https://vuldb.com/?id.300668 https://vuldb.com/?submit.519927 https://www.yuque.com/yuqueyonghuveuwuh/aveeid/nvg6rd3qw1ww83yo?singleDoc

Benzer Kayıtlar

Medium

CVE-2025-11306

A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the…

Medium

CVE-2025-51650

An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to…

Medium

CVE-2025-7568

A vulnerability was found in qianfox FoxCMS up to 1.2.5. It has been classified as critical. Affected is the function ba…

Medium

CVE-2025-6094

A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the…

Critical

CVE-2025-45238

foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method.

Medium

CVE-2025-45239

An issue in the restores method (DataBackup.php) of foxcms v2.0.6 allows attackers to execute a directory traversal.