High severityNVD Advisory· Published Dec 5, 2025· Updated Apr 15, 2026

CVE-2020-36878

Description

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local resources.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/48949nvd
www.vulncheck.com/advisories/request-serious-play-f-media-player-directory-traversal-file-disclosurenvd
www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5599.phpnvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000