CVE-2025-32429 PoC — XWiki Platform SQL注入漏洞

Source

Associated Vulnerability

Description

Proof-of-Concept exploit for CVE-2025-32429 (SQL Injection in PHP PDO prepared statements) – for educational and security research purposes only

Readme

# CVE-2025-32429 – SQL Injection in PHP PDO Prepared Statements

This repository contains a proof-of-concept exploit for **CVE-2025-32429**, 
a vulnerability affecting PHP PDO prepared statements when emulation is enabled.

## 📄 References
- Original research by Assetnote:  
  https://slcyber.io/assetnote-security-research-center/a-novel-technique-for-sql-injection-in-pdos-prepared-statements
- NVD Entry:  
  https://nvd.nist.gov/vuln/detail/CVE-2025-32429

## ⚠ Disclaimer
This code is for **educational and security research purposes only.**  
Do **NOT** use it against systems you do not own or have explicit permission to test.  
The author is **not responsible for misuse of this code.**

## 🛠 Usage
```bash
gcc exploit.c -o exploit -lcurl
./exploit -u http://target.com
```

Original PoC by Byte Reaper https://github.com/byteReaper77/CVE-2025-32429

File Snapshot

 [4.0K]  /data/pocs/99f60511d279f14327f72517f01835b27a74110d
├── [ 27K]  exploit.c
└── [ 870]  README.md

0 directories, 2 files

Remarks