CVE-2019-25256 – VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal

CVE ID : CVE-2019-25256

Published : Dec. 24, 2025, 7:28 p.m. | 53 minutes ago

Description : VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated ‘ID’ parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulating directory path traversal in download requests.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…