CVE-2025-29306

This exploit leverages a remote code execution (RCE) vulnerability in FoxCMS v1.2.5 by injecting a crafted payload into the 'id' parameter, which is then processed by the application to execute arbitrary commands. The script encodes the payload, sends it via a GET request, and parses the response to extract command output.

This repository contains a Python-based exploit for CVE-2025-29306, a remote code execution vulnerability in FoxCMS. The exploit allows command execution via a crafted URL parameter and includes bulk scanning capabilities.

This repository contains a functional proof-of-concept exploit for CVE-2025-29306, targeting a remote code execution vulnerability in FoxCMS v1.2.5 via the /images/index.html component. The exploit uses a crafted URL with an encoded payload to execute arbitrary commands on the target system.

This repository contains a Python-based PoC for CVE-2025-29306, a Remote Code Execution (RCE) vulnerability in FOXCMS v1.2. The exploit leverages insecure parameter parsing in the 'id' parameter to inject PHP code via `${@print()}` expressions.

This repository describes a Bash-based tool for automating RCE testing against FoxCMS (CVE-2025-29306). The tool is compiled with SHC and requires a target list (urls.txt) to execute commands remotely.

This repository contains a functional proof-of-concept for CVE-2025-29306, demonstrating an unsafe deserialization vulnerability leading to remote code execution (RCE). The exploit leverages a crafted serialized payload to execute arbitrary commands via `eval()` in a controlled lab environment.

This PoC exploits an arbitrary code execution vulnerability in FoxCMS v1.2.5 by injecting a payload into the 'id' parameter, which is then processed by the server, allowing remote command execution. The script supports both single URL and bulk URL testing with threaded execution.

This repository contains a writeup for CVE-2025-29306, detailing a parameter injection vulnerability in FOXCMS V1.2. The PoC demonstrates remote code execution via a crafted URL parameter.