CNNVD-202509-1659 Information

CNNVD ID

CNNVD-202509-1659

Related CVE

CVE-2025-10251

• CNNVD Published: 2025-09-11

Description (Chinese)

FoxCMS是中国黔狐（FoxCMS）公司的一套可免费商用开源的内容管理系统。 FoxCMS 1.24及之前版本存在安全漏洞，该漏洞源于文件/app/admin/controller/Images.php中函数batchCope对参数ids的错误操作，可能导致SQL注入攻击。

Description (English)

FoxCMS is a free, commercial, open-source content management system for the Chinese company FoxCMS. FoxCMS 1.24 and previous versions have a security loophole, which stems from the error of the BatchCope function in file/app/admin/controller/Images.php against parameter ids, which may result in an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

黔狐

Published

2025-09-11

Last Modified

2026-02-24

References

https://vuldb.com/?submit.642476 https://vuldb.com/?id.323611 https://github.com/ueh1013/VULN/issues/3 https://vuldb.com/?ctiid.323611 https://access.redhat.com/security/cve/cve-2025-10251