Medium severity6.5NVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026
CVE-2019-25256
CVE-2019-25256
Description
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulating directory path traversal in download requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 2.10
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.