Lucene search
K

7 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/11/03 12:0 a.m.7 views

VulnCheck KEV: CVE-2025-32429

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, it's possible for anyone to inject SQL using the parameter sort of the getdeleteddocuments.vm. It's injected as is as an...

9.8CVSS5.9AI score0.8541EPSS
In wildExploits6References64
Packet Storm
Packet Storm
added 2025/07/29 12:0 a.m.91 views

📄 XWiki 14 SQL Injection

XWiki version 14 suffers from a remote blind SQL injection vulnerability in getdeleteddocuments.vm. Exploit Title: XWiki 14 - SQL Injection via getdeleteddocuments.vm Google Dork: N/A Date: 28 July 2025 Exploit Author: Byte Reaper LinkedIn: N/A Vendor Homepage: https://www.xwiki.org Software Link...

9.3CVSS9.7AI score0.8541EPSS
Exploits6
GithubExploit
GithubExploit
added 2025/07/28 6:48 a.m.276 views

Exploit for CVE-2025-32429

CVE-2025-32429 Vulnerability Checker A Python-based vulnerabi...

9.3CVSS7.2AI score0.8541EPSS
Exploits6
GithubExploit
GithubExploit
added 2025/07/26 10:6 a.m.394 views

Exploit for CVE-2025-32429

CVE-2025-32429 – SQL Injection in PHP PDO Prepared Statements...

9.3CVSS8.6AI score0.8541EPSS
Exploits6
GithubExploit
GithubExploit
added 2025/07/25 5:14 p.m.307 views

Exploit for CVE-2025-32429

CVE-2025-32429 XWiki SQL Injection PoC Author: Byte Reape...

9.3CVSS9.7AI score0.8541EPSS
Exploits6
NVD
NVD
added 2025/07/24 11:15 p.m.4 views

CVE-2025-32429

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, it's possible for anyone to inject SQL using the parameter sort of the getdeleteddocuments.vm. It's injected as is as an...

9.8CVSS0.8541EPSS
Exploits6References4
CVE
CVE
added 2025/07/24 10:22 p.m.61 views

CVE-2025-32429

XWiki Platform contains an SQL injection in the getdeleteddocuments.vm template via the sort parameter (LiveData REST), affecting versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2. The vulnerability allows injection of SQL by injecting the ORDER BY value, with impact described as d...

9.8CVSS6.6AI score0.8541EPSS
In wildExploits6References4Affected Software1
Rows per page
Query Builder