CNNVD-202510-1512 Information

CNNVD ID

CNNVD-202510-1512

Related CVE

CVE-2025-11607

• CNNVD Published: 2025-10-11

Description (Chinese)

MoneyPrinterTurbo是Harry个人开发者的一个利用AI大模型生成高清短视频的软件。 MoneyPrinterTurbo 1.2.6及之前版本存在路径遍历漏洞，该漏洞源于对文件app/controllers/v1/music.py中API端点组件参数File的错误操作，可能导致路径遍历攻击。

Description (English)

MoneyPrinturbo is a software for Harry’s personal developer to generate high-resolution short videos using a large AI model. MoneyPrinturbo 1.2.6 and previous versions have path-to-path loopholes, which stem from an error in the API end-point component parameter File in documentapp/controllers/v1/music.py, which may lead to a path-to-path attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

个人开发者

Published

2025-10-11

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.327929 https://vuldb.com/?id.327929 https://www.notion.so/Arbitrary-File-Write-Vulnerability-in-MoneyPrinterTurbo-1-2-6-288014c4d9ca809bb411e4fe875d1e22 https://vuldb.com/?submit.672550