380 matches found
CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10366 MiczFlor RPi-Jukebox-RFID inc.setWlanIpMail.php cross site scripting
A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...
CVE-2025-10366
CVE-2025-10366 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function in the file /htdocs/inc.setWlanIpMail.php , where manipulation of the Email address argument enables a cross-site scripting (XSS) flaw. The attack can be initiated remotely, and the exploit has been publ...
CVE-2025-10366 MiczFlor RPi-Jukebox-RFID inc.setWlanIpMail.php cross site scripting
A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...
PT-2025-37372
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A flaw has been found in MiczFlor RPi-Jukebox-RFID. The manipulation of the Email address argument in an unknown function of the file /htdocs/inc.setWlanIpMail.php causes cross site...
PT-2025-37373
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue is related to an unknown functionality within the /htdocs/cardEdit.php file. This manipulation can lead to...
PT-2025-37389
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The vulnerability affects unknown code within the /htdocs/userScripts.php file. Manipulation of the Custom script...
RPi-Jukebox-RFID 代码注入漏洞
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...
RPi-Jukebox-RFID 代码注入漏洞
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...
PT-2025-37374
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists due to manipulation of an unknown functionality within the /htdocs/manageFilesFolders.php file. Remote exploitation is possible. The exploit has...
RPi-Jukebox-RFID 代码注入漏洞
RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...
CVE-2025-10328 MiczFlor RPi-Jukebox-RFID playsinglefile.php os command injection
A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/api/playlist/playsinglefile.php. The manipulation of the argument File leads to os command injection. The attack may be initiated remotely...
CVE-2025-10328
CVE-2025-10328 affects MiczFlor RPi-Jukebox-RFID versions up to 2.8.0. The vulnerability stems from improper handling of the File argument in the file /htdocs/api/playlist/playsinglefile.php , enabling os command injection. The issue can be exploited remotely and has been publicly disclosed. Mult...
CVE-2025-10327
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...
CVE-2025-10326
A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...
CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...
CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...
CVE-2025-10326 MiczFlor RPi-Jukebox-RFID single.php os command injection
A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been...