35 matches found
CVE-2018-25310
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can...
CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...
EUVD-2018-21832
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, downloadxml.pl,...
CVE-2018-25311
VideoFlow Digital Video Protection DVP 2.10 is affected by an authenticated directory traversal vulnerability. An authenticated attacker can disclose arbitrary files by injecting path traversal sequences into the ID parameter when issuing requests to downloadsys.pl, download_xml.pl, download.pl, ...
CVE-2018-25311
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...
CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...
CVE-2018-25310 VideoFlow Digital Video Protection DVP 2.10 - Authenticated Remote Code Execution
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can...
EUVD-2018-21831
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can...
CVE-2018-25310 VideoFlow Digital Video Protection DVP 2.10 - Authenticated Remote Code Execution
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can...
CVE-2018-25310
VideoFlow Digital Video Protection DVP 2.10 is affected by an authenticated remote code execution vulnerability. An attacker with valid credentials can exploit a cross-site request forgery in the web management interface to inject and execute system commands via Tools > System > Shell, gain...
VideoFlow Digital Video Protection 路径遍历漏洞
VideoFlow Digital Video Protection is a broadcast-grade video transmission device developed by VideoFlow Corporation in the United States. Version 2.10 of VideoFlow Digital Video Protection contains a path traversal vulnerability. This vulnerability stems from authenticated directory traversal,...
PT-2026-35994
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, download xml.pl,...
CVE-2019-25256
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulati...
CVE-2019-25256 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulati...
CVE-2019-25255 VideoFlow Digital Video Protection DVP 2.10 Authenticated Remote Code Execution
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows attackers to execute system commands with root privileges. Attackers can exploit the vulnerability through a cross-site request forgery CSRF mechanism to gain unauthorized system...
CVE-2019-25255
CVE-2019-25255 affects VideoFlow Digital Video Protection DVP 2.10. The issue is an authenticated remote code execution vulnerability caused by a cross-site request forgery (CSRF) mechanism, allowing an attacker with authenticated access to execute system commands with root privileges. The availa...
CVE-2019-25256
CVE-2019-25256 affects VideoFlow Digital Video Protection DVP 2.10. An authenticated directory traversal exists due to unvalidated ID parameters (e.g., via scripts like downloadsys.pl) allowing access to arbitrary system files. Impact includes potential exposure of sensitive files (CONFIDENTIALIT...
PT-2025-53341
Name of the Vulnerable Software and Affected Versions VideoFlow Digital Video Protection DVP version 2.10 Description The software contains an authenticated remote code execution issue that enables attackers to execute system commands with root privileges. Exploitation occurs through a cross-site...
VideoFlow Digital Video Protection 安全漏洞
VideoFlow Digital Video Protection is a broadcast-quality video delivery device from VideoFlow, Inc. A security vulnerability exists in VideoFlow Digital Video Protection version 2.10, which stems from insufficient validation of the ID parameter and could lead to a directory traversal attack...
PT-2025-53342
Name of the Vulnerable Software and Affected Versions VideoFlow Digital Video Protection DVP version 2.10 Description The software contains a directory traversal issue that allows attackers to access arbitrary system files. This is possible due to unvalidated ID parameters. Attackers can exploit...