DVDFab 12 Player/PlayerFab - Local File Inclusion

DVDFab 12 Player/PlayerFab is susceptible to local file inclusion which allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player recently renamed PlayerFab has read-access. id: CVE-2022-25216 info: name: DVDFab 12 Player/PlayerFa...

CVE-2022-25216

An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player recently renamed PlayerFab has read-access, by means of an HTTP GET request to http://:32080/download/...

CVE-2022-25216

DVDFab 12 Player/PlayerFab is affected by a local file inclusion (absolute path traversal) via HTTP GET to /download/. The issue allows remote attackers to download any file on the Windows filesystem readable by the running user. Root cause: traversal of local paths in the download endpoint. Affe...

DVDFab 路径遍历漏洞

DVDFab is a multimedia solution. A path traversal vulnerability exists in DVDFab 12 PlayerFab. The following products and versions are affected: DVDFab 12 from version 6.2.1.0 to 6.2.1.1, PlayerFab from version 7.0.0.0 to 7.0.0.5...