3 matches found
CVE-2020-36878
ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local...
CVE-2020-36878
ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local...
CVE-2020-36878
CVE-2020-36878 affects ReQuest Serious Play Media Player 3.0 and older builds (3.0.0, 2.1.0.831, 1.5.2.822, 1.5.2.821, 1.5.1.820). The issue is an unauthenticated directory traversal/file disclosure caused by improper verification of the file parameter used by tail.html and file.html scripts to r...