QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2020-36878

Back to search

CVE-2020-36878

Published: Dec 5, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local resources.

VendorProductVersions

ReQuest Serious Play LLC

ReQuest Serious Play Media Player

affected
3.0.0
affected
2.1.0.831
affected
1.5.2.822
affected
1.5.2.821
affected
1.5.1.820

Weaknesses (CWE)

CWE-73

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now