Exploit for Code Injection in Foxcms CVE-2025-29306

Name: Exploit for Code Injection in Foxcms CVE-2025-29306
Rating: 5 (81 reviews)

2025-05-10 | CVSS 9.8

## https://sploitus.com/exploit?id=CFE4B5F2-E665-53B2-8F9C-04E348CC0EF8
Description

Published: 2025-03-27 Updated: 2025-03-27

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.

Usage:

python test_poc.py -u http://192.168.0.1/images/index.html "id"
python test_poc.py -f url.txt "id"