CVE-2025-13588 | lKinderBueno Streamity Xtream IPTV Player up to 2.8 public/proxy.php Nusẽtɔwo aɖe le be wotsɔe ɖe agbe. server-side request forgery

Inserito da Angelo Barbosa | Nov 23, 2025 | CVE

A vulnerability marked as critical has been reported in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery.

This vulnerability is identified as CVE-2025-13588. The attack can be initiated remotely. Additionally, an exploit exists.

It is suggested to upgrade the affected component.

CVE-2025-13588 | lKinderBueno Streamity Xtream IPTV Player up to 2.8 public/proxy.php Nusẽtɔwo aɖe le be wotsɔe ɖe agbe. server-side request forgery

Post correlati

CVE-2025-25878 | itsourcecode Simple ChatBox up to 1.0 /del.php sql injection

CVE-2025-20905 | Samsung Mobile Devices out-of-bounds write

CVE-2024-41889 | Pimax Play/PiTool Websocket Connection improper authentication

CVE-2023-6337 | HashiCorp Vault/Vault Enterprise prior 1.15.4 HTTP Request allocation of resources