CVE-2020-36878

UNKNOWN 0.0

ReQuest Serious Play F3 Media Player <= 3.0.0 Directory Traversal File Disclosure

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local resources.

CWE	CWE-73
Vendor	request serious play llc
Product	request serious play media player
Published	Dec 5, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for request serious play llc request serious play media player

Be the first to know when new unknown vulnerabilities affecting request serious play llc request serious play media player are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ReQuest Serious Play LLC / ReQuest Serious Play Media Player

3.0.0 2.1.0.831 1.5.2.822 1.5.2.821 1.5.1.820

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/48949 zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5599.php vulncheck.com: https://www.vulncheck.com/advisories/request-serious-play-f-media-player-directory-traversal-file-disclosure

Credits

LiquidWorm, Gjoko 'LiquidWorm' Krstic @zeroscience