Home OffSec
  • Pricing
Uncategorized | OffSec
Blog

/

Uncategorized

Uncategorized

Jul 3, 2025

2 min read

CVE-2025-29306 – Unauthenticated Remote Code Execution in FoxCMS v1.2.5 via Unserialize Injection

Discover details about CVE-2025-29306, a critical RCE vulnerability in FoxCMS 1.2.5. Learn how unsafe use of PHP’s unserialize() function enables remote attackers to execute arbitrary system commands.

Read more

Join the OffSec Community!

Our community members connect, communicate and collaborate on all things cybersecurity.

By submitting this form, I agree to the processing of my personal data by OffSec as described in the Privacy Policy.