CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

EUVD-2018-21832

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, downloadxml.pl,...

CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 is affected by an authenticated directory traversal vulnerability. An authenticated attacker can disclose arbitrary files by injecting path traversal sequences into the ID parameter when issuing requests to downloadsys.pl, download_xml.pl, download.pl, ...

CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

PT-2026-35994

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, download xml.pl,...

CVE-2019-25256

CVE-2019-25256 affects VideoFlow Digital Video Protection DVP 2.10. An authenticated directory traversal exists due to unvalidated ID parameters (e.g., via scripts like downloadsys.pl) allowing access to arbitrary system files. Impact includes potential exposure of sensitive files (CONFIDENTIALIT...

CVE-2025-1091 Broken Authorization Schema

A Broken Authorization schema exists where any authenticated user could download IOA script and configuration files if the URL is known...

Tenable Identity Exposure 安全漏洞

Tenable Identity Exposure is a fast, agentless solution from Tenable, Inc. It can detect and block attacks, eliminate attack paths, and provide risk-based guidance on vulnerability management and remediation. A security vulnerability exists in Tenable Identity Exposure versions prior to 3.77.9,...

gestdown-sql.txt

catdownload.php line 16 $sql = 'SELECT FROM downloads WHERE categorie='.$categorie.''; download.php line 6 mysqlquery'SELECT FROM downloads WHERE categorie=' . $GET'id'; hitcounter.php line 15 $requete = "SELECT lien FROM downloads WHERE id=$id"; download: http://www.01php.com/fiche-scripts-148.h...

ask_rave 0.9 PR - end.php?footfile Remote File Inclusion

askrave 0.9 PR - end.php?footfile Remote File Inclusion ================================================================== askrave RFI ================================================================== Info:- Scripts: askrave Download: http://rave.jk-digital.com/site/scripts/files/ask09PR.zip...