moneyprinterturbo@1.4.5 vulnerabilities

Simply provide a topic or keyword for a video, and it will automatically generate the video copy, video materials, video subtitles, and video background music before synthesizing a high-definition short video..

latest version

1.4.5

first published

1 years ago

latest version published

1 years ago

licenses detected

MIT
[0,)

View moneyprinterturbo package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the moneyprinterturbo package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Missing Authentication for Critical Function MoneyPrinterTurbo is a Simply provide a topic or keyword for a video, and it will automatically generate the video copy, video materials, video subtitles, and video background music before synthesizing a high-definition short video.. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the `verify_token` function in base.py. An attacker can gain unauthorized access to sensitive API endpoints by sending requests without valid authentication tokens. How to fix Missing Authentication for Critical Function? There is no fixed version for `MoneyPrinterTurbo`.	[0,)
M Directory Traversal MoneyPrinterTurbo is a Simply provide a topic or keyword for a video, and it will automatically generate the video copy, video materials, video subtitles, and video background music before synthesizing a high-definition short video.. Affected versions of this package are vulnerable to Directory Traversal via the `delete_video` function in the `video.py` controller. An attacker can access or modify files outside the intended directory by supplying crafted input to the function. How to fix Directory Traversal? There is no fixed version for `MoneyPrinterTurbo`.	[0,)
M Arbitrary File Upload MoneyPrinterTurbo is a Simply provide a topic or keyword for a video, and it will automatically generate the video copy, video materials, video subtitles, and video background music before synthesizing a high-definition short video.. Affected versions of this package are vulnerable to Arbitrary File Upload via the `upload_bgm_file` function. An attacker can upload arbitrary files by manipulating the `File` argument, potentially leading to unauthorized code execution or system compromise. How to fix Arbitrary File Upload? There is no fixed version for `MoneyPrinterTurbo`.	[0,)