Yf3Te

**Name of the Vulnerable Software and Affected Versions** Foxcms version 1.25 **Description** The issue is related to a SQL time injection in the `installdb.php` script, specifically affecting the `$ POST['dbname']` parameter. This allows for potential exploitation. **Recommendations** For Foxcms version 1.25, consider restricting access to the `installdb.php` script until a patch is available. As a temporary workaround, avoid using the `dbname` parameter in the affected script to minimize the risk of exploitation.