Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-31131 PoC — YesWiki 路径遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-31131.yaml
Associated Vulnerability
Title:YesWiki 路径遍历漏洞 (CVE-2025-31131)
Description:YesWiki是法国YesWiki组织的一个用 PHP 编写的 wiki 系统。用于以协作方式创建和管理网站。 YesWiki 4.5.2之前版本存在路径遍历漏洞,该漏洞源于squelette参数容易受到路径遍历攻击,可能导致读取服务器上的任意文件。
Description
YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.
File Snapshot

 id: CVE-2025-31131

info:
  name: Yeswiki < 4.5.2 - Unauthenticated Path Traversal
  author: iamnooo

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.