PT-2025-6854 · Unknown · Pihome-Shc Pihome
Jelle Janssens · Published 2025-02-12 · Updated 2025-02-12 · CVE-2025-1213
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
pihome-shc PiHome version 1.77
Description
A problem has been found in the /index.php file, affecting some unknown functionality. The issue is related to the manipulation of the $_SERVER['PHP_SELF'] argument, which leads to cross-site scripting. This can be exploited remotely.
Recommendations
For pihome-shc PiHome version 1.77, consider disabling the $_SERVER['PHP_SELF'] argument in the /index.php file as a temporary workaround until a patch is available. Restrict access to the /index.php file to minimize the risk of exploitation. Avoid using the $_SERVER['PHP_SELF'] argument in the affected file until the issue is resolved.
Exploit
Fix
XSS
Code Injection
Related Identifiers
Affected Products
Pihome-Shc Pihome
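The bug class named in the description, next to two ways of neutralising it, as an added example that is not PiHome's code. It assumes the value is echoed into a form's action attribute (the advisory does not say where /index.php uses it); the function names and request values are constructed for illustration.

```php
<?php
// Added example, not PiHome source code. Function names and the form markup
// are hypothetical; the request values below are constructed.

// Pattern behind this class of bug: PHP_SELF is the script path plus any
// trailing path info from the request URL, so it is client-influenced.
function form_tag_unescaped(array $server): string
{
    return '<form method="post" action="' . $server['PHP_SELF'] . '">';
}

// Fix 1: encode for the HTML attribute context before output.
function form_tag_escaped(array $server): string
{
    $self = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $self . '">';
}

// Fix 2: use SCRIPT_NAME, which carries no trailing path info, and still encode.
function form_tag_script_name(array $server): string
{
    $self = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $self . '">';
}

// Constructed stand-in for $_SERVER on a request to /index.php/"><b>marker</b>
$server = [
    'SCRIPT_NAME' => '/index.php',
    'PHP_SELF'    => '/index.php/"><b>marker</b>',
];

$results = [
    'unescaped'   => form_tag_unescaped($server),
    'escaped'     => form_tag_escaped($server),
    'script_name' => form_tag_script_name($server),
];

foreach ($results as $name => $html) {
    // A raw '<b>' in the output means request data broke out of the attribute.
    $broken = strpos($html, '<b>') !== false ? 'markup injected' : 'inert';
    printf("%-12s %-16s %s\n", $name, $broken, $html);
}
```

Run with the PHP CLI. Searching the code base for every output of $_SERVER['PHP_SELF'] and routing each through one of the two hardened forms is the durable fix; the access restriction in the recommendations only narrows exposure.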