Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-56435

SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a remote attacker to execute arbitrary code via the. file /DataBackup.php and the operation on the parameter id.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 24.8%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2025-56435
  • Foxcms » Foxcms » Version: 1.2.0
    cpe:2.3:a:foxcms:foxcms:1.2.0
  • Foxcms » Foxcms » Version: 1.2.1
    cpe:2.3:a:foxcms:foxcms:1.2.1
  • Foxcms » Foxcms » Version: 1.2.2
    cpe:2.3:a:foxcms:foxcms:1.2.2
  • Foxcms » Foxcms » Version: 1.2.3
    cpe:2.3:a:foxcms:foxcms:1.2.3
  • Foxcms » Foxcms » Version: 1.2.4
    cpe:2.3:a:foxcms:foxcms:1.2.4
  • Foxcms » Foxcms » Version: 1.2.5
    cpe:2.3:a:foxcms:foxcms:1.2.5
  • Foxcms » Foxcms » Version: 1.2.6
    cpe:2.3:a:foxcms:foxcms:1.2.6


Contact Us

Shodan ® - All rights reserved