20 matches found
XWiki Platform - Remote Code Execution
Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity, and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 15.10.11, 16.4.1, and 16.5.0RC1. id: CVE-2025-24893 info: name: XWiki...
Exploit for Eval Injection in Xwiki
CVE-2025-24893- CVE-20...
Exploit for Code Injection in Xwiki
CVE-2025-24893 – XWiki Remote Command Execution Proof of Conc...
Exploit for Code Injection in Xwiki
CVE-2025-24893 Remote Code Execution exploit for XWikihttp...
Exploit for Code Injection in Xwiki
XWiki Platform Unauthenticated RCE Exploit Overview This s...
Exploit for Code Injection in Xwiki
Description: XWiki Platform is a generic wiki platform offering...
Exploit for Code Injection in Xwiki
Description: XWiki Platform is a generic wiki platform offering...
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution. The vulnerability in question is CVE-2025-24893 CVSS score: 9.8, an eval injection bug that could allow any...
Exploit for Code Injection in Xwiki
xwiki-15.10.8-revers...
Exploit for Code Injection in Xwiki
exploit-scripts...
Exploit for Code Injection in Xwiki
Exploit for CVE-2025-24893 CVE-2025-24893 is a critical...
Exploit for Code Injection in Xwiki
CVE-2025-24893 - XWiki Unauthenticated Remote Code Execution...
Exploit for Code Injection in Xwiki
XWiki RCE Exploit PoC CVE-2025-24893 Overview This repos...
Exploit for Code Injection in Xwiki
CVE-2025-24893-EXP Affected Versions xwiki-platform = 5.3...
Exploit for Code Injection in Xwiki
CVE-2025-24893-EXP Affected Versions xwiki-platform = 5.3...
📄 XWiki Platform 15.10.10 Remote Code Execution
XWiki Platform version 15.10.10 suffers from a remote code execution vulnerability. Exploit Title: XWiki Platform - Remote Code Execution Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-24893 Vendor Homepage: https://www.xwiki.org/ Software Link:...
XWiki Platform 15.10.10 - Remote Code Execution
Exploit Title: XWiki Platform - Remote Code Execution Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-24893 Vendor Homepage: https://www.xwiki.org/ Software Link: https://github.com/xwiki/xwiki-platform Version: Affected versions up to and including XWiki 15.10.10 Teste...
Exploit for Code Injection in Xwiki
Disclaimer: The vulnerabilities described in this article, alo...
CVE-2025-24893
creationtimestamp| type| source ---|---|--- 2025-02-20 20:56:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lin6hwckvn2a 2025-02-20 21:48:44+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114038415303555460 2025-02-20 23:12:05+00:00| published-proof-of-concept...
CVE-2025-24893 Remote code execution as guest via SolrSearchMacros request in xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduc...