VYPR

Rpi Jukebox Rfid

by Sourcefabric

Source repositories

CVEs (8)

  • CVE-2025-10327MedSep 12, 2025
    risk 0.44cvss 6.3epss 0.10

    A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. The attack can be…

  • CVE-2025-10328MedSep 12, 2025
    risk 0.41cvss 6.3epss 0.09

    A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/api/playlist/playsinglefile.php. The manipulation of the argument File leads to os command injection. The attack may be…

  • CVE-2025-10326MedSep 12, 2025
    risk 0.41cvss 6.3epss 0.07

    A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The…

  • CVE-2025-10370LowSep 13, 2025
    risk 0.26cvss 3.5epss 0.01

    A vulnerability was identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This vulnerability affects unknown code of the file /htdocs/userScripts.php. The manipulation of the argument Custom script leads to cross site scripting. The attack is possible to be carried out remotely.…

  • CVE-2025-10369LowSep 13, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown part of the file /htdocs/cardRegisterNew.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed…

  • CVE-2025-10368LowSep 13, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing manipulation results in cross site scripting. Remote exploitation of the attack is possible. The…

  • CVE-2025-10367LowSep 13, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been…

  • CVE-2025-10366LowSep 13, 2025
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been…