CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-51650

An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.5%

CVSS Severity

CVSS v3 Score 5.6

References

https://github.com/Y4y17/Foxcms/blob/main/Foxcms%20%3C%3D%20v1.2.6%20RCE.md

Products affected by CVE-2025-51650

Qianfox » Foxcms » Version: Any

cpe:2.3:a:qianfox:foxcms:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-51650

Products

Pricing

Contact Us