{"vulnerability": "cve-2025-29306", "sightings": [{"uuid": "e46ada56-8578-43e4-ba3b-4bc0e850f16e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "Telegram/EQSEx6hVvMlnJ1ky7huxK4eSzyICfuehitJwgPSzGmUZN8M", "content": "", "creation_timestamp": "2025-11-26T21:00:05.000000Z"}, {"uuid": "1b1f9a48-d98d-485a-9ffd-c895ff43d2ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/53804", "content": "CVE-2025-29306 \u2013 Unauthenticated Remote Code Execution in FoxCMS v1.2.5 via Unserialize Injection\nhttps://www.offsec.com/blog/cve-2025-29306/\n\nDiscover details about CVE-2025-29306, a critical RCE vulnerability in FoxCMS 1.2.5. Learn how unsafe use of PHP's unserialize() function enables remote attackers to execute arbitrary system commands.\nThe post CVE-2025-29306 \u2013 Unauthenticated Remote Code Execution in FoxCMS v1.2.5 via Unserialize Injection (https://www.offsec.com/blog/cve-2025-29306/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2025-07-03T19:04:35.000000Z"}, {"uuid": "10d2107c-fb41-4d8c-b2f1-ddb307f3130e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34127", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.\nURL\uff1ahttps://github.com/Mattb709/CVE-2025-29306-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-25T03:48:46.000000Z"}, {"uuid": "41ec9133-11be-4c61-89ce-fe2b4d1a37c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "https://t.me/cvedetector/21333", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29306 - FoxCMS Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29306 \nPublished : March 27, 2025, 7:15 p.m. | 28\u00a0minutes ago \nDescription : An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-27T20:50:25.000000Z"}, {"uuid": "f42da9fe-d5c2-478e-8bea-8aa89c182eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-29306.yaml", "content": "", "creation_timestamp": "2025-04-23T06:59:43.000000Z"}, {"uuid": "d9f93172-dd6e-47e6-b7e0-366b019db809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "MISP/1413a78e-c0b3-4092-97e7-909fb9773448", "content": "", "creation_timestamp": "2025-08-06T13:54:20.000000Z"}, {"uuid": "3b113e27-5823-4874-b936-a3a53a405219", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3ln3quw3ikk2q", "content": "", "creation_timestamp": "2025-04-18T13:44:02.957556Z"}, {"uuid": "8d3828a0-9a97-4fee-9152-563294f1d165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnlm6a54tr2y", "content": "", "creation_timestamp": "2025-04-24T21:02:20.656937Z"}, {"uuid": "6918ec78-9ebd-4824-8c49-b16a7fafc320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60874", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-29306\nURL\uff1ahttps://github.com/B1ack4sh/Blackash-CVE-2025-29306\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-26T18:17:47.000000Z"}, {"uuid": "208335c4-af79-486f-89e2-ea9595b37294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34188", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aProof-of-Concept (PoC) for CVE-2025-29306, a Remote Code Execution vulnerability in FoxCMS. This Python script scans single or multiple targets, executes commands, and reports vulnerable hosts.\nURL\uff1ahttps://github.com/Mattb709/CVE-2025-29306-PoC-FoxCMS-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-25T13:46:48.000000Z"}, {"uuid": "0bf020e1-db24-4068-b67b-9c0e8e47b821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/52085", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis tiny lab simulates the core idea behind CVE-2025-29306: unsafe use of `unserialize()` on attacker-controlled input leading to remote code execution.\nURL\uff1ahttps://github.com/amalpvatayam67/day06-foxcms-rce\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-18T05:16:00.000000Z"}, {"uuid": "ad616a35-f037-45a8-92ab-cb22ae751c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/52082", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis tiny lab simulates the core idea behind CVE-2025-29306: unsafe use of `unserialize()` on attacker-controlled input leading to remote code execution.\nURL\uff1ahttps://github.com/amalpvatayam67/day06-foxcms-rce\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-18T04:54:54.000000Z"}, {"uuid": "8042eaab-1faf-43d4-92b0-a1787bd43f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "Telegram/2VpkGdUNjYoarYnol6Z9IkHtEM3-uUmyArzNM6QRuvSvsgQ", "content": "", "creation_timestamp": "2025-09-18T09:00:04.000000Z"}, {"uuid": "e9905597-b532-4c94-8184-2ac3317630db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "https://bsky.app/profile/bilaltariq01.bsky.social/post/3lmyuweu2gf24", "content": "", "creation_timestamp": "2025-04-17T10:18:23.581427Z"}, {"uuid": "f131bfbf-bfea-4609-a407-fb6c881cbb21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnbkcd7tzh2y", "content": "", "creation_timestamp": "2025-04-20T21:02:11.470056Z"}, {"uuid": "62612e6c-131c-4ae7-8488-d674048add2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-29306", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3lnuo2evye22e", "content": "", "creation_timestamp": "2025-04-28T11:29:53.631020Z"}, {"uuid": "3b65c22f-2ae6-4038-915c-655a97e02a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "seen", "source": "MISP/1413a78e-c0b3-4092-97e7-909fb9773448", "content": "", "creation_timestamp": "2025-08-14T11:44:22.000000Z"}, {"uuid": "f8a3d26a-7e6e-44d7-a813-797da7ae6d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29306", "type": "published-proof-of-concept", "source": "Telegram/f9DwH0E8ALLwHquXU-kVirANbqvX23Jli4fOZF7oeW-0l1Q", "content": "", "creation_timestamp": "2026-01-07T09:00:05.000000Z"}]}