Arbitrary File Deletion Vulnerability in FoxCMS Software by FoxCMS
CVE-2025-45238

9.1CRITICAL

Key Information:

Vendor: FoxCMS
Status: FoxCMS
Vendor: CVE Published:; 5 May 2025

What is CVE-2025-45238?

FoxCMS version 1.2.5 has been identified with a vulnerability that allows unauthorized deletion of files through the delRestoreSerie method. This flaw can lead to significant security risks, compromising the integrity of the files stored within the application and potentially exposing sensitive data. Users of FoxCMS are advised to update their installation to secure their systems against this exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gitee.com/qianfox/foxcms

https://gist.github.com/chao112122/27010786774f2bb584cc71...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 5, 2025
Vulnerability Reserved
Apr 22, 2025

JSON

FoxCMS

What is CVE-2025-45238?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.