XWiki Platform - Remote Code Execution

Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity, and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 15.10.11, 16.4.1, and 16.5.0RC1. id: CVE-2025-24893 info: name: XWiki...

Exploit for Eval Injection in Xwiki

CVE-2025-24893- CVE-20...

Exploit for Code Injection in Xwiki

CVE-2025-24893 – XWiki Remote Command Execution Proof of Conc...

Exploit for Code Injection in Xwiki

CVE-2025-24893 Remote Code Execution exploit for XWikihttp...

Exploit for Code Injection in Xwiki

XWiki Platform Unauthenticated RCE Exploit Overview This s...

Exploit for Code Injection in Xwiki

Description: XWiki Platform is a generic wiki platform offering...

Exploit for Code Injection in Xwiki

Description: XWiki Platform is a generic wiki platform offering...

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution. The vulnerability in question is CVE-2025-24893 CVSS score: 9.8, an eval injection bug that could allow any...

Hackers Hijack Corporate XWiki Servers for Crypto Mining

Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers...

Exploit for Code Injection in Xwiki

xwiki-15.10.8-revers...

Exploit for Code Injection in Xwiki

exploit-scripts...

Exploit for Code Injection in Xwiki

Exploit for CVE-2025-24893 CVE-2025-24893 is a critical...

Exploit for Code Injection in Xwiki

solrsearch-rce-exploit Unauth RCE PoC for XWiki SolrSearch CV...

Exploit for Code Injection in Xwiki

CVE-2025-24893 - XWiki Unauthenticated Remote Code Execution...

Exploit for Code Injection in Xwiki

CVE-2025-24893 XWiki Unauthenticated Remote code execution POC...

Exploit for Code Injection in Xwiki

CVE-2025-24893 Install bun: bash curl -fsSL https://bun.c...

Exploit for Code Injection in Xwiki

XWiki RCE Exploit PoC CVE-2025-24893 Overview This repos...

Exploit for Code Injection in Xwiki

CVE-2025-24893-EXP Affected Versions xwiki-platform = 5.3...

Exploit for Code Injection in Xwiki

CVE-2025-24893-EXP Affected Versions xwiki-platform = 5.3...

📄 XWiki Platform 15.10.10 Remote Code Execution

XWiki Platform version 15.10.10 suffers from a remote code execution vulnerability. Exploit Title: XWiki Platform - Remote Code Execution Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-24893 Vendor Homepage: https://www.xwiki.org/ Software Link:...