262 matches found
CVE-2025-10369 MiczFlor RPi-Jukebox-RFID cardRegisterNew.php cross site scripting
A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown part of the file /htdocs/cardRegisterNew.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2025-10369
CVE-2025-10369 affects MiczFlor RPi-Jukebox-RFID up to version 2.8.0, with a cross-site scripting flaw in the /htdocs/cardRegisterNew.php file. Exploitation can be performed remotely and the exploit has been publicly disclosed. Multiple sources (including Red Hat, CNNVD, PT Security, and Vulners-...
CVE-2025-10368
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made...
CVE-2025-10368 MiczFlor RPi-Jukebox-RFID manageFilesFolders.php cross site scripting
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made...
CVE-2025-10368
CVE-2025-10368 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. The issue resides in an unknown functionality of the file /htdocs/manageFilesFolders.php; manipulation leads to cross-site scripting. Remote exploitation is possible and the exploit is public. The vendor was contacted early but did not...
CVE-2025-10367
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10367
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10366
A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...
CVE-2025-10366
A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...
CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10366 MiczFlor RPi-Jukebox-RFID inc.setWlanIpMail.php cross site scripting
A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...
CVE-2025-10366
CVE-2025-10366 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function in the file /htdocs/inc.setWlanIpMail.php , where manipulation of the Email address argument enables a cross-site scripting (XSS) flaw. The attack can be initiated remotely, and the exploit has been publ...
PT-2025-37372
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A flaw has been found in MiczFlor RPi-Jukebox-RFID. The manipulation of the Email address argument in an unknown function of the file /htdocs/inc.setWlanIpMail.php causes cross site...
PT-2025-37373
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue is related to an unknown functionality within the /htdocs/cardEdit.php file. This manipulation can lead to...
PT-2025-37374
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists due to manipulation of an unknown functionality within the /htdocs/manageFilesFolders.php file. Remote exploitation is possible. The exploit has...
PT-2025-37379
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue affects an unknown part of the /htdocs/cardRegisterNew.php file. Remote attackers can execute manipulation...
RPi-Jukebox-RFID 代码注入漏洞
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...
PT-2025-37389
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The vulnerability affects unknown code within the /htdocs/userScripts.php file. Manipulation of the Custom script...
RPi-Jukebox-RFID 代码注入漏洞
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...