CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

CVE-2019-25256

CVE-2019-25256 affects VideoFlow Digital Video Protection DVP 2.10. An authenticated directory traversal exists due to unvalidated ID parameters (e.g., via scripts like downloadsys.pl) allowing access to arbitrary system files. Impact includes potential exposure of sensitive files (CONFIDENTIALIT...

VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal Vulnerability

Exploit for hardware platform in category web applications VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the DVP is configured ...

VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal

VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the DVP is configured as Protector, Sentinel or Fortress Version = The Operating...