CNNVD-202509-1081 Information

CNNVD ID

CNNVD-202509-1081

Related CVE

CVE-2025-56630

• CNNVD Published: 2025-09-08

Description (Chinese)

FoxCMS是中国黔狐（FoxCMS）公司的一套可免费商用开源的内容管理系统。 FoxCMS v1.2.5及之前版本存在安全漏洞，该漏洞源于app/admin/controller/Column.php文件中column_model参数存在SQL注入。

Description (English)

FoxCMS is a free, commercial, open-source content management system for the Chinese company FoxCMS. The FoxCMS v1.2.5 and previous versions had a security loophole, which originated from the SQL injection of the column model parameter in the app/admin/controller/Column.php file.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

黔狐

Published

2025-09-08

Last Modified

2026-02-24

References

https://www.foxcms.cn/ https://access.redhat.com/security/cve/cve-2025-56630

Patch

https://www.foxcms.cn/system/update/2025/