Filtered by vendor Qianfox
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-45240 | 1 Qianfox | 1 Foxcms | 2025-06-12 | N/A | 6.5 MEDIUM |
| foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php. | |||||
| CVE-2025-45238 | 1 Qianfox | 1 Foxcms | 2025-06-12 | N/A | 9.1 CRITICAL |
| foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method. | |||||
| CVE-2025-45239 | 1 Qianfox | 1 Foxcms | 2025-06-12 | N/A | 5.3 MEDIUM |
| An issue in the restores method (DataBackup.php) of foxcms v2.0.6 allows attackers to execute a directory traversal. | |||||