| Title | https://github.com/QianFox/FoxCMS foxcms v1.24 SQL injection vulnerabilities |
|---|
| Description | In the batchCope method of foxcms, the ids parameters passed from the front end are not processed at all and are directly concatenated into the SQL statement. The SQL statement then performs an insertion operation, which leads to an sql injection vulnerability. The vulnerability corresponding interface for/admin3953 / images/batchCope. HTML, parameters for ids. |
|---|
| Source | ⚠️ https://github.com/ueh1013/VULN/issues/3 |
|---|
| User | R21Z20 (UID 97129) |
|---|
| Submission | 04/06/2026 17:28 (2 days ago) |
|---|
| Moderation | 04/06/2026 23:46 (6 hours later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 323611 [FoxCMS up to 1.24 Images.php batchCope ids sql injection] |
|---|
| Points | 0 |
|---|