Browse all 5 CVE security advisories affecting qianfox. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Qianfox is a cybersecurity tool focused on web application vulnerability scanning, with five CVEs recorded in its history. The tool primarily targets identifying security flaws in web applications, with a historical pattern of vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues. Notable characteristics include its automated scanning capabilities and integration with development workflows. While no major public security incidents have been widely documented, the CVEs associated with qianfox highlight potential risks in its own implementation, particularly around input validation and access control mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12920 | qianfox FoxCMS Product.php edit cross site scripting — FoxCMSCWE-79 | 2.4 | Low | 2025-11-09 |
| CVE-2025-11306 | qianfox FoxCMS Search cross site scripting — FoxCMSCWE-79 | 4.3 | Medium | 2025-10-05 |
| CVE-2025-7568 | qianfox FoxCMS Video.php batchCope sql injection — FoxCMSCWE-89 | 6.3 | Medium | 2025-07-14 |
| CVE-2025-6094 | qianfox FoxCMS Download.php batchCope sql injection — FoxCMSCWE-89 | 6.3 | Medium | 2025-06-15 |
| CVE-2025-5155 | qianfox FoxCMS Article.php batchCope sql injection — FoxCMSCWE-89 | 6.3 | Medium | 2025-05-25 |
This page lists every published CVE security advisory associated with qianfox. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.