Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2025/09/15 4:25 p.m.12 views

CVE-2025-10368

A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made...

5.1CVSS3.7AI score0.00273EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/15 2:31 p.m.4 views

CVE-2025-10366

A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...

5.4CVSS3.7AI score0.00264EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/14 10:31 p.m.16 views

CVE-2025-10327

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

9.8CVSS6.7AI score0.10158EPSS
Exploits3References1
NVD
NVD
added 2025/09/13 5:15 p.m.4 views

CVE-2025-10369

A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown part of the file /htdocs/cardRegisterNew.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized...

6.1CVSS0.00276EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/09/13 5:2 p.m.7 views

CVE-2025-10370 MiczFlor RPi-Jukebox-RFID userScripts.php cross site scripting

A vulnerability was identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This vulnerability affects unknown code of the file /htdocs/userScripts.php. The manipulation of the argument Custom script leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

5.1CVSS3.7AI score0.00631EPSS
Exploits3References5
Cvelist
Cvelist
added 2025/09/13 3:32 p.m.10 views

CVE-2025-10368 MiczFlor RPi-Jukebox-RFID manageFilesFolders.php cross site scripting

A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been made...

5.1CVSS0.00273EPSS
Exploits1References5
CVE
CVE
added 2025/09/13 3:32 p.m.16 views

CVE-2025-10368

CVE-2025-10368 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. The issue resides in an unknown functionality of the file /htdocs/manageFilesFolders.php; manipulation leads to cross-site scripting. Remote exploitation is possible and the exploit is public. The vendor was contacted early but did not...

6.1CVSS5.2AI score0.00273EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/09/13 2:15 p.m.6 views

CVE-2025-10366

A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...

5.4CVSS0.00264EPSS
Exploits1References5
OSV
OSV
added 2025/09/13 2:2 p.m.2 views

CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting

A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...

5.1CVSS5.6AI score0.00273EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/09/13 2:2 p.m.2 views

CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting

A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...

5.1CVSS3.6AI score0.00273EPSS
Exploits1References5
CVE
CVE
added 2025/09/13 1:32 p.m.16 views

CVE-2025-10366

CVE-2025-10366 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function in the file /htdocs/inc.setWlanIpMail.php , where manipulation of the Email address argument enables a cross-site scripting (XSS) flaw. The attack can be initiated remotely, and the exploit has been publ...

5.4CVSS3.8AI score0.00264EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.6 views

PT-2025-37389

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The vulnerability affects unknown code within the /htdocs/userScripts.php file. Manipulation of the Custom script...

5.4CVSS4.4AI score0.00631EPSS
Exploits3References14
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.4 views

PT-2025-37379

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue affects an unknown part of the /htdocs/cardRegisterNew.php file. Remote attackers can execute manipulation...

5.1CVSS3.6AI score0.00276EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.4 views

PT-2025-37372

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A flaw has been found in MiczFlor RPi-Jukebox-RFID. The manipulation of the Email address argument in an unknown function of the file /htdocs/inc.setWlanIpMail.php causes cross site...

5.1CVSS3.1AI score0.00264EPSS
Exploits1References9
NVD
NVD
added 2025/09/12 9:15 p.m.42 views

CVE-2025-10327

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

9.8CVSS0.10158EPSS
Exploits3References5
NVD
NVD
added 2025/09/12 9:15 p.m.21 views

CVE-2025-10326

A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been...

9.8CVSS0.07099EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/12 9:2 p.m.3 views

CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

6.5CVSS6.3AI score0.10158EPSS
Exploits3References4
OSV
OSV
added 2025/09/12 9:2 p.m.4 views

CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

5.3CVSS6.9AI score0.10158EPSS
Exploits3References7
CVE
CVE
added 2025/09/12 9:2 p.m.33 views

CVE-2025-10327

CVE-2025-10327 affects MiczFlor RPi-Jukebox-RFID up to version 2.8.0. The vulnerability is an OS command injection in the shuffle.php endpoint located at /htdocs/api/playlist/shuffle.php, triggered by manipulating the playlist argument. It is exploitable remotely and public proofs of concept exis...

9.8CVSS6.4AI score0.10158EPSS
Exploits3References5Affected Software1
Cvelist
Cvelist
added 2025/09/12 8:32 p.m.24 views

CVE-2025-10326 MiczFlor RPi-Jukebox-RFID single.php os command injection

A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS0.07099EPSS
Exploits1References5
Rows per page
Query Builder