Vulnerabilities (CVE)

Filtered by vendor Sourcefabric Subscribe
Filtered by product Rpi-jukebox-rfid
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36749 1 Sourcefabric 1 Rpi-jukebox-rfid 2024-11-21 N/A 9.8 CRITICAL
RPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection vulnerability via the component /htdocs/utils/Files.php. This vulnerability is exploited via a crafted payload injected into the file name of an uploaded file.