5.3
CVE-2025-7896 - harry0703 MoneyPrinterTurbo video.py delete_video path traversal
A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function download_video/delete_video of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely.
8.6
CVE-2025-46385 -
CWE-918 Server-Side Request Forgery (SSRF)
8.8
CVE-2025-46384 -
CWE-434 Unrestricted Upload of File with Dangerous Type
6.1
CVE-2025-46383 -
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
5.3
CVE-2025-7895 - harry0703 MoneyPrinterTurbo File Extension video.py upload_bgm_file unrestricted upload
A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function upload_bgm_file of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It iβ¦
5.3
CVE-2025-46382 -
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
5.3
CVE-2025-7894 - Onyx Chat Interface a3_generate_simple_sql.py generate_simple_sql sql injection
A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This issue affects the function generate_simple_sql of the file backend/onyx/agents/agent_search/kb_search/nodes/a3_generate_simple_sql.py of the component Chat Interface. The manipulation leads to sql injectionβ¦
4.8
CVE-2025-7893 - Foresight News App pro.foresightnews.appa AndroidManifest.xml improper export of android applicatioβ¦
A vulnerability classified as problematic was found in Foresight News App up to 2.6.4 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml of the component pro.foresightnews.appa. The manipulation leads to improper export of android application components. Attacking lβ¦
4.8
CVE-2025-7892 - IDnow App de.idnow AndroidManifest.xml improper export of android application components
A vulnerability classified as problematic has been found in IDnow App up to 9.6.0 on Android. This affects an unknown part of the file AndroidManifest.xml of the component de.idnow. The manipulation leads to improper export of android application components. Local access is required to approach thiβ¦
4.8
CVE-2025-7891 - InstantBits Web Video Cast App com.instantbits.cast.webvideo AndroidManifest.xml improper export ofβ¦
A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.instantbits.cast.webvideo. The manipulation leads to improper export of anβ¦