Share
## https://sploitus.com/exploit?id=72A570C7-A22D-592D-9353-B314A8CF4773
# Day06 โ€” FoxCMS-style RCE (CVE-2025-29306) โ€” Educational lab

This tiny lab simulates the core idea behind **CVE-2025-29306**: unsafe use of `unserialize()` on attacker-controlled input leading to remote code execution. This is a minimal, intentionally vulnerable educational replica โ€” **not** FoxCMS itself.

## Quickstart

```bash
chmod +x entrypoint.sh
docker build -t day6-foxcms .
docker run --rm -d -p 8080:80 --name day6 day6-foxcms
# Visit http://localhost:8080/public/images/index.php
```