harry0703 MoneyPrinterTurbo video.py delete_video path traversal_CVE-2025-7896

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

Description

A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function download_video/delete_video of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely.

Basic Information

ID CVE-2025-7896

Source VulDB

Published Jul 20, 2025 at 14:44

Modified Jul 21, 2025 at 12:39

Affected Product

Vendor harry0703

Product MoneyPrinterTurbo

Version 1.2.0

Affected Versions harry0703 MoneyPrinterTurbo 1.2.0
harry0703 MoneyPrinterTurbo 1.2.1
harry0703 MoneyPrinterTurbo 1.2.2
harry0703 MoneyPrinterTurbo 1.2.3
harry0703 MoneyPrinterTurbo 1.2.4
harry0703 MoneyPrinterTurbo 1.2.5
harry0703 MoneyPrinterTurbo 1.2.6

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function download_video/delete_video of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely.",
    "published": "2025-07-20T14:44:04.741Z",
    "modified": "2025-07-21T12:39:40.937Z",
    "type": "cve",
    "title": "harry0703 MoneyPrinterTurbo video.py delete_video path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317011\nhttps://vuldb.com/?ctiid.317011\nhttps://vuldb.com/?submit.608941\nhttps://vuldb.com/?submit.609041",
    "id": "CVE-2025-7896",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "harry0703 MoneyPrinterTurbo 1.2.0\nharry0703 MoneyPrinterTurbo 1.2.1\nharry0703 MoneyPrinterTurbo 1.2.2\nharry0703 MoneyPrinterTurbo 1.2.3\nharry0703 MoneyPrinterTurbo 1.2.4\nharry0703 MoneyPrinterTurbo 1.2.5\nharry0703 MoneyPrinterTurbo 1.2.6",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MoneyPrinterTurbo",
    "version": "1.2.0",
    "vendor": "harry0703",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}