POC - CVE-2025-29306 FOXCMS /images/index.html Code Execution Vulnerability

17.04.2025 14 views

Overview
An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.

Read about it — CVE-2025-29306

Disclaimer: This Proof of Concept (POC) is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Getting Started

Finding Targets
To find potential targets, use Fofa (similar to Shodan.io):

Fofa Dork: (body="foxcms-logo" || body="foxcms-container") && body="div"

Image description

Cloning the Repository
First, clone the repository:

git clone https://github.com/verylazytech/CVE-2025-29306
Run the Exploit:

./CVE-2025-29306.sh Target:port cmd

Image description

POC - CVE-2025-29306 FOXCMS /images/index.html Code Execution Vulnerability

Getting Started

Comments (0)

Read More

#reading

#popular

POC - CVE-2025-29306 FOXCMS /images/index.html Code Execution Vulnerability

Getting Started

Comments (0)

Read More

Cybersecurity for Everyone: Protect Yourself in a Connected World

System Hacking: Journey into the Intricate World of Cyber Intrusion

Prevent File Inclusion in Symfony Apps

The Ultimate Guide to Cyber Threat Actors: Exploring Hackers, Hacktivists, and Their Tactics

#reading

#popular