CVE-2025-7895 – Harry0703 MoneyPrinterTurbo Unrestricted File Upload Vulnerability

CVE ID : CVE-2025-7895

Published : July 20, 2025, 3:15 p.m. | 1 hour, 38 minutes ago

Description : A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function upload_bgm_file of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…