harry0703 MoneyPrinterTurbo video.py delete_video path traversal

July 20, 2025 invoker category_cve

CVE Details

Basic Information

Title harry0703 MoneyPrinterTurbo video.py delete_video path traversal
Type cve
Published 2025-07-20T14:44:04.741Z
Modified 2025-07-20T14:44:04.741Z

Product Information

Vendor harry0703
Product MoneyPrinterTurbo
Version 1.2.0

CVSS Information

Base Score 5.3 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

Affected Products

  • harry0703 MoneyPrinterTurbo 1.2.0
  • harry0703 MoneyPrinterTurbo 1.2.1
  • harry0703 MoneyPrinterTurbo 1.2.2
  • harry0703 MoneyPrinterTurbo 1.2.3
  • harry0703 MoneyPrinterTurbo 1.2.4
  • harry0703 MoneyPrinterTurbo 1.2.5
  • harry0703 MoneyPrinterTurbo 1.2.6

Additional Information

CWE List CWE-22
Source VulDB

Description

A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function download_video/delete_video of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.