Share
## https://sploitus.com/exploit?id=72A570C7-A22D-592D-9353-B314A8CF4773
# Day06 โ FoxCMS-style RCE (CVE-2025-29306) โ Educational lab
This tiny lab simulates the core idea behind **CVE-2025-29306**: unsafe use of `unserialize()` on attacker-controlled input leading to remote code execution. This is a minimal, intentionally vulnerable educational replica โ **not** FoxCMS itself.
## Quickstart
```bash
chmod +x entrypoint.sh
docker build -t day6-foxcms .
docker run --rm -d -p 8080:80 --name day6 day6-foxcms
# Visit http://localhost:8080/public/images/index.php
```