exploitDog

GHSA-q8hq-xhpc-vm95

Опубликовано: 17 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The url_prefix, domain, and my_website POST parameters are directly concatenated into SQL statements without filtering.

In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The url_prefix, domain, and my_website POST parameters are directly concatenated into SQL statements without filtering.

Ссылки

EPSS

Процентиль: 18%

0.00056

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-29180

CVSS3: 7.2

nvd

10 месяцев назад

In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The url_prefix, domain, and my_website POST parameters are directly concatenated into SQL statements without filtering.

EPSS

Процентиль: 18%

0.00056

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89