尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| xwiki | xwiki-platform | >= 9.4-rc-1, < 16.10.6 | - |
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Exploit for CVE-2025-32429 – SQLi in XWiki REST API (getdeleteddocuments.vm). | https://github.com/byteReaper77/CVE-2025-32429 | POC详情 |
| 2 | Proof-of-Concept exploit for CVE-2025-32429 (SQL Injection in PHP PDO prepared statements) – for educational and security research purposes only | https://github.com/amir-othman/CVE-2025-32429 | POC详情 |
| 3 | None | https://github.com/imbas007/CVE-2025-32429-Checker | POC详情 |
| 4 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 9.4-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, it's possible for anyone to inject SQL using the parameter sort of the getdeleteddocuments.vm. It's injected as is as an ORDER BY value. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-32429.yaml | POC详情 |
未找到公开 POC。
登录以生成 AI POC暂无评论