Lucene search
+L

380 matches found

Vulnrichment
Vulnrichment
added 2025/09/13 2:2 p.m.3 views

CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting

A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...

5.1CVSS3.6AI score0.00273EPSS
Exploits1References5
OSV
OSV
added 2025/09/13 2:2 p.m.2 views

CVE-2025-10367 MiczFlor RPi-Jukebox-RFID cardEdit.php cross site scripting

A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public...

5.1CVSS4AI score0.00273EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/09/13 1:32 p.m.15 views

CVE-2025-10366 MiczFlor RPi-Jukebox-RFID inc.setWlanIpMail.php cross site scripting

A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...

5.1CVSS0.00264EPSS
Exploits1References5
CVE
CVE
added 2025/09/13 1:32 p.m.20 views

CVE-2025-10366

CVE-2025-10366 affects MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function in the file /htdocs/inc.setWlanIpMail.php , where manipulation of the Email address argument enables a cross-site scripting (XSS) flaw. The attack can be initiated remotely, and the exploit has been publ...

5.4CVSS3.8AI score0.00264EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/09/13 1:32 p.m.5 views

CVE-2025-10366 MiczFlor RPi-Jukebox-RFID inc.setWlanIpMail.php cross site scripting

A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be...

5.1CVSS4.3AI score0.00264EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.6 views

PT-2025-37372

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A flaw has been found in MiczFlor RPi-Jukebox-RFID. The manipulation of the Email address argument in an unknown function of the file /htdocs/inc.setWlanIpMail.php causes cross site...

5.1CVSS3.1AI score0.00264EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.9 views

PT-2025-37373

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue is related to an unknown functionality within the /htdocs/cardEdit.php file. This manipulation can lead to...

5.1CVSS3.5AI score0.00273EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.7 views

PT-2025-37389

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The vulnerability affects unknown code within the /htdocs/userScripts.php file. Manipulation of the Custom script...

5.4CVSS4.4AI score0.00631EPSS
Exploits3References14
CNNVD
CNNVD
added 2025/09/13 12:0 a.m.5 views

RPi-Jukebox-RFID 代码注入漏洞

RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...

6.1CVSS4.7AI score0.00276EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/09/13 12:0 a.m.41 views

RPi-Jukebox-RFID 代码注入漏洞

RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...

5.4CVSS4.7AI score0.00631EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.9 views

PT-2025-37374

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross site scripting issue exists due to manipulation of an unknown functionality within the /htdocs/manageFilesFolders.php file. Remote exploitation is possible. The exploit has...

5.1CVSS3.7AI score0.00273EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/09/13 12:0 a.m.6 views

RPi-Jukebox-RFID 代码注入漏洞

RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developer Micz Flor in Germany. It can play audio files, playlists, podcasts, web streams and spotify triggered by RFID cards. A code injection vulnerability exists in RPi-Jukebox-RFID version 2.8.0 and earlier,...

5.4CVSS4.6AI score0.00264EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/09/12 9:32 p.m.18 views

CVE-2025-10328 MiczFlor RPi-Jukebox-RFID playsinglefile.php os command injection

A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/api/playlist/playsinglefile.php. The manipulation of the argument File leads to os command injection. The attack may be initiated remotely...

6.5CVSS0.09438EPSS
Exploits1References4
CVE
CVE
added 2025/09/12 9:32 p.m.28 views

CVE-2025-10328

CVE-2025-10328 affects MiczFlor RPi-Jukebox-RFID versions up to 2.8.0. The vulnerability stems from improper handling of the File argument in the file /htdocs/api/playlist/playsinglefile.php , enabling os command injection. The issue can be exploited remotely and has been publicly disclosed. Mult...

9.8CVSS6.5AI score0.09438EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/09/12 9:15 p.m.42 views

CVE-2025-10327

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

9.8CVSS0.10158EPSS
Exploits3References5
NVD
NVD
added 2025/09/12 9:15 p.m.22 views

CVE-2025-10326

A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been...

9.8CVSS0.07099EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/12 9:2 p.m.3 views

CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

6.5CVSS6.3AI score0.10158EPSS
Exploits3References4
Cvelist
Cvelist
added 2025/09/12 9:2 p.m.39 views

CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

6.5CVSS0.10158EPSS
Exploits3References4
OSV
OSV
added 2025/09/12 9:2 p.m.5 views

CVE-2025-10327 MiczFlor RPi-Jukebox-RFID shuffle.php os command injection

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be launched remotely...

5.3CVSS6.2AI score0.10158EPSS
Exploits3References7
Cvelist
Cvelist
added 2025/09/12 8:32 p.m.27 views

CVE-2025-10326 MiczFlor RPi-Jukebox-RFID single.php os command injection

A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS0.07099EPSS
Exploits1References5
Rows per page
Query Builder