CVE-2025-29306 PoC — FoxCMS 安全漏洞

Source

https://github.com/congdong007/CVE-2025-29306_poc

Associated Vulnerability

Title:FoxCMS 安全漏洞 (CVE-2025-29306)
Description:FoxCMS是中国黔狐（FoxCMS）公司的一套可免费商用开源的内容管理系统。 FoxCMS 1.2.5版本存在安全漏洞，该漏洞源于index.html组件允许执行任意代码。

Readme

Description

Published: 2025-03-27 Updated: 2025-03-27

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.

Usage:

python test_poc.py -u http://192.168.0.1/images/index.html "id"
python test_poc.py -f url.txt "id"

File Snapshot


 [4.0K]  /data/pocs/96944c6617cd055c213e6bd90946be479cfdb529
├── [3.8K]  POC.py
└── [ 297]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.