CVE-2025-13588 | lKinderBueno Streamity Xtream IPTV Player up to 2.8 public/proxy.php Nusẽtɔwo aɖe le be wotsɔe ɖe agbe. server-side request forgery

November 23, 2025 Yanac

A vulnerability marked as critical has been reported in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery.

This vulnerability is identified as CVE-2025-13588. The attack can be initiated remotely. Additionally, an exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More