CVE-2025-6094 – FoxCMS SQL Injection Vulnerability

June 15, 2025

CVE ID : CVE-2025-6094

Published : June 15, 2025, 11:15 p.m. | 2 hours, 7 minutes ago

Description : A vulnerability, which was classified as critical, has been found in FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6095 – Jasmin Ransomware SQL Injection Vulnerability

Next Article CVE-2025-6093 – “uYanki Board-STM32F103RC-Buffer Overflow Vulnerability”

Newest LF Decentralized Trust Lab HOPrS identifies if photos have been altered

Coder reimagines development environments to make them more ideal for AI agents

Report: AI coding productivity gains cancelled out by other friction points that slow developers down

15 Proven Benefits of Outsourcing Node.js Development for Large Organizations

How passkeys work: Do your favorite sites even support passkeys?

Samsung Galaxy Z Fold 7 vs. Z Fold 6: I tried both phones, and the difference is dramatic

Cor, blimey! The ASUS ROG Ally drops to its lowest-ever price for Amazon Prime Day in the UK — the only Windows handheld to permanently replace my Steam Deck

Owlcat Games talks to us about about WH40K: Rogue Trader, the next game ‘Dark Heresy’ — and how the studio feels about working with Xbox Game Pass

Cally – Small, feature-rich calendar components

Cally – Small, feature-rich calendar components

Working with the Command Line and WP-CLI

Access to Care Is Evolving: What Consumer Insights and Behavior Models Reveal

Cor, blimey! The ASUS ROG Ally drops to its lowest-ever price for Amazon Prime Day in the UK — the only Windows handheld to permanently replace my Steam Deck

Cor, blimey! The ASUS ROG Ally drops to its lowest-ever price for Amazon Prime Day in the UK — the only Windows handheld to permanently replace my Steam Deck

Owlcat Games talks to us about about WH40K: Rogue Trader, the next game ‘Dark Heresy’ — and how the studio feels about working with Xbox Game Pass

Microsoft says ‘we have threads at home’ — rolls out feature Slack has had for years

CVE-2025-6094 – FoxCMS SQL Injection Vulnerability

CVE-2025-3497 – Radiflow iSAP Smart Collector EOL Vulnerability

CVE-2025-3498 – Radiflow iSAP Smart Collector Unauthenticated Remote Command Execution and Configuration Modification

CVE-2025-6431 – “Firefox for Android External Application Bypass Vulnerability”

Spring Boot + Swagger: A Complete Guide to API Documentation

CVE-2025-43026 – HP Support Assistant Privilege Escalation Vulnerability

CVE-2025-48746 – Netwrix Directory Manager Authentication Bypass

Can OpenAI’s mandatory week-long break fend off Meta’s $100 million talent grab? — “Someone has broken into our home”

SMIL on?

CVE-2025-5908 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow

CVE-2025-26685 impacts Microsoft Defender with Identity Spoofing

CVE-2025-6094 – FoxCMS SQL Injection Vulnerability

Related Posts