How severe is CVE-2024-12900?

CVE-2024-12900 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2024-12900

Name: foxcms
Author: qianfox

6.3MEDIUM

A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulat

Published: 12/23/2024Updated: 7/15/2025

Description

A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AI AnalysisPowered by AI

Affected Products

qianfoxfoxcms

References

https://note.zhaoj.in/share/iDCwOv9vfDTI
Broken Link
https://vuldb.com/?ctiid.289170
Permissions RequiredVDB Entry
https://vuldb.com/?id.289170
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.467658
Third Party AdvisoryVDB Entry