Lucene search
K

20 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.103 views

XWiki Platform - Remote Code Execution

Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity, and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 15.10.11, 16.4.1, and 16.5.0RC1. id: CVE-2025-24893 info: name: XWiki...

9.8CVSS9AI score0.99898EPSS
Exploits50References2
GithubExploit
GithubExploit
added 2026/01/26 2:21 p.m.173 views

Exploit for Eval Injection in Xwiki

CVE-2025-24893- CVE-20...

9.8CVSS5.9AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/12/28 6:40 p.m.225 views

Exploit for Code Injection in Xwiki

CVE-2025-24893 – XWiki Remote Command Execution Proof of Conc...

9.8CVSS8.2AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/12/19 10:52 a.m.132 views

Exploit for Code Injection in Xwiki

CVE-2025-24893 Remote Code Execution exploit for XWikihttp...

9.8CVSS7.2AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/12/03 8:43 p.m.227 views

Exploit for Code Injection in Xwiki

XWiki Platform Unauthenticated RCE Exploit Overview This s...

9.8CVSS9.5AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/11/28 1:26 a.m.152 views

Exploit for Code Injection in Xwiki

Description: XWiki Platform is a generic wiki platform offering...

9.8CVSS8.3AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/11/28 1:26 a.m.140 views

Exploit for Code Injection in Xwiki

Description: XWiki Platform is a generic wiki platform offering...

9.8CVSS8.3AI score0.99898EPSS
Exploits50
The Hacker News
The Hacker News
added 2025/11/15 4:35 p.m.11 views

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution. The vulnerability in question is CVE-2025-24893 CVSS score: 9.8, an eval injection bug that could allow any...

9.8CVSS8.4AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/09/10 1:28 p.m.229 views

Exploit for Code Injection in Xwiki

xwiki-15.10.8-revers...

9.8CVSS7AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/09/06 4:45 a.m.128 views

Exploit for Code Injection in Xwiki

exploit-scripts...

9.8CVSS7.2AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/09/03 10:25 p.m.322 views

Exploit for Code Injection in Xwiki

Exploit for CVE-2025-24893 CVE-2025-24893 is a critical...

9.8CVSS8.5AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/08/13 9:49 p.m.290 views

Exploit for Code Injection in Xwiki

CVE-2025-24893 - XWiki Unauthenticated Remote Code Execution...

9.8CVSS10AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/08/06 3:56 p.m.232 views

Exploit for Code Injection in Xwiki

XWiki RCE Exploit PoC CVE-2025-24893 Overview This repos...

9.8CVSS8.8AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/05/05 4:10 a.m.291 views

Exploit for Code Injection in Xwiki

CVE-2025-24893-EXP Affected Versions xwiki-platform = 5.3...

9.8CVSS9.5AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/05/05 4:10 a.m.282 views

Exploit for Code Injection in Xwiki

CVE-2025-24893-EXP Affected Versions xwiki-platform = 5.3...

9.8CVSS9.5AI score0.99898EPSS
Exploits50
Packet Storm
Packet Storm
added 2025/04/08 12:0 a.m.258 views

📄 XWiki Platform 15.10.10 Remote Code Execution

XWiki Platform version 15.10.10 suffers from a remote code execution vulnerability. Exploit Title: XWiki Platform - Remote Code Execution Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-24893 Vendor Homepage: https://www.xwiki.org/ Software Link:...

9.8CVSS7.8AI score0.99898EPSS
Exploits50
Exploit DB
Exploit DB
added 2025/04/07 12:0 a.m.233 views

XWiki Platform 15.10.10 - Remote Code Execution

Exploit Title: XWiki Platform - Remote Code Execution Exploit Author: Al Baradi Joy Exploit Date: April 6, 2025 CVE ID: CVE-2025-24893 Vendor Homepage: https://www.xwiki.org/ Software Link: https://github.com/xwiki/xwiki-platform Version: Affected versions up to and including XWiki 15.10.10 Teste...

9.8CVSS7AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/02/25 7:11 a.m.428 views

Exploit for Code Injection in Xwiki

Disclaimer: The vulnerabilities described in this article, alo...

9.8CVSS7.4AI score0.99898EPSS
Exploits50
Circl
Circl
added 2025/02/20 8:56 p.m.529 views

CVE-2025-24893

creationtimestamp| type| source ---|---|--- 2025-02-20 20:56:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lin6hwckvn2a 2025-02-20 21:48:44+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114038415303555460 2025-02-20 23:12:05+00:00| published-proof-of-concept...

9.8CVSS7.5AI score0.99898EPSS
In wildExploits50References101
Cvelist
Cvelist
added 2025/02/20 7:19 p.m.28 views

CVE-2025-24893 Remote code execution as guest via SolrSearchMacros request in xwiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduc...

9.8CVSS0.99898EPSS
Exploits50References5
Rows per page
Query Builder