Vulnerabilities (CVE)

Filtered by vendor Dvdfab Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25216 1 Dvdfab 2 12 Player, Playerfab 2024-11-21 7.8 HIGH 7.5 HIGH
An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access, by means of an HTTP GET request to http://<IP_ADDRESS>:32080/download/<URL_ENCODED_PATH>.