Code Execution Vulnerability in FoxCMS by FoxCMS
CVE-2025-50692

9.8CRITICAL

Key Information:

Vendor: FoxCMS
Status: FoxCMS
Vendor: CVE Published:; 7 August 2025

What is CVE-2025-50692?

FoxCMS versions up to 1.2.5 contain a vulnerability that allows for remote code execution through the admin interface, specifically in the file editing feature located at admin/template_file/editFile.html. This weakness can potentially allow an attacker to execute malicious scripts and gain unauthorized access to sensitive areas of the application, posing a significant risk to affected users. Implementing patches and best security practices is crucial to protect against potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://reference1.example.com/index.php/admin/template_f...

https://gist.github.com/cyb3res3c/ceacf7d560d2c8cd5ffd158...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 7, 2025
Vulnerability Reserved
Jun 16, 2025

JSON

FoxCMS

What is CVE-2025-50692?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.