Moneyprinterturbo
Monthly
Path traversal vulnerability in MoneyPrinterTurbo up to version 1.2.6 allows authenticated remote attackers to manipulate file upload parameters in the music API endpoint, enabling arbitrary file write operations with limited confidentiality and integrity impact. Publicly available exploit code exists and the vulnerability has low EPSS exploitation probability (0.09%, 26th percentile), suggesting limited real-world weaponization despite proof-of-concept availability.
A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
wangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/download/ URIs such as /api/v1/download//etc/passwd. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Path traversal vulnerability in MoneyPrinterTurbo up to version 1.2.6 allows authenticated remote attackers to manipulate file upload parameters in the music API endpoint, enabling arbitrary file write operations with limited confidentiality and integrity impact. Publicly available exploit code exists and the vulnerability has low EPSS exploitation probability (0.09%, 26th percentile), suggesting limited real-world weaponization despite proof-of-concept availability.
A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
wangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/download/ URIs such as /api/v1/download//etc/passwd. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.