CVE-2025-6094 – FoxCMS SQL Injection Vulnerability

June 15, 2025

CVE ID : CVE-2025-6094

Published : June 15, 2025, 11:15 p.m. | 2 hours, 7 minutes ago

Description : A vulnerability, which was classified as critical, has been found in FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6095 – Jasmin Ransomware SQL Injection Vulnerability

Next Article CVE-2025-6093 – “uYanki Board-STM32F103RC-Buffer Overflow Vulnerability”

Highlights

CVE-2025-43562 – ColdFusion OS Command Injection

May 13, 2025

CVE ID : CVE-2025-43562

Published : May 13, 2025, 9:16 p.m. | 1 hour, 58 minutes ago

Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

CVE-2025-6094 – FoxCMS SQL Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

World Backup Day: Why Human Error Remains the Biggest Threat to Data Protection

As Microsoft posts $75B in Azure revenue, UK’s CMA says “competition is not working well”

CVE-2025-48071 – OpenEXR ZIPS-packed Deep Scan-Line Heap Buffer Overflow

CVE-2025-46528 – Steve Availability Calendar CSRF Stored XSS

CVE-2025-43562 – ColdFusion OS Command Injection

New technologies tackle brain health assessment for the military

CVE-2025-5476 – Sony XAV-AX8500 Bluetooth L2CAP Channel Isolation Authentication Bypass

CVE-2025-34044 – WIFISKY 7-layer Flow Control Router Command Injection Vulnerability

CVE-2025-6094 – FoxCMS SQL Injection Vulnerability

Related Posts