Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/05/09 2:21 a.m.8 views

CVE-2026-8115

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

6.9CVSS5.5AI score0.00575EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/08 12:31 a.m.9 views

Directory Traversal

Overview short-video-maker is a Creates short videos for TikTok, Instagram Reels, and YouTube Shorts using the Model Context Protocol MCP and a REST API. Affected versions of this package are vulnerable to Directory Traversal via the req.params.tmpFile parameter in the REST API. An attacker can...

6.9CVSS6.3AI score0.00575EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/08 12:31 a.m.16 views

NPM: short-video-maker has a path traversal vulnerability

NPM: short-video-maker has a path traversal vulnerability discovered by ? in WordPress Npm short-video-maker versions = 1.3.4...

6.9CVSS6AI score0.00575EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/08 12:31 a.m.12 views

short-video-maker has a path traversal vulnerability

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

6.9CVSS5.7AI score0.00575EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/08 12:31 a.m.6 views

GHSA-935G-9RQ5-Q95C short-video-maker has a path traversal vulnerability

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

6.9CVSS5.4AI score0.00575EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/07 10:45 p.m.42 views

CVE-2026-8115 gyoridavid short-video-maker REST API rest.ts path traversal

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

6.9CVSS0.00575EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/07 10:45 p.m.9 views

CVE-2026-8115 gyoridavid short-video-maker REST API rest.ts path traversal

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

6.9CVSS5.7AI score0.00575EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/07 10:45 p.m.8 views

CVE-2026-8115

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

6.9CVSS5.7AI score0.00575EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/07 10:45 p.m.19 views

CVE-2026-8115

CVE-2026-8115 affects gyoridavid short-video-maker (up to v1.3.4). The vulnerability is in the REST API component, specifically the file path src/server/routers/rest.ts. An input manipulation of req.params.tmpFile enables path traversal, with remote exploitation possible. Public exploit exists. T...

6.9CVSS5.7AI score0.00575EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.11 views

Short Video Maker 路径遍历漏洞

Short Video Maker is an automated short video generation tool developed by David Gyori. Versions of Short Video Maker 1.3.4 and earlier had a path traversal vulnerability. This vulnerability stemmed from the paramics.tmpFile operation in the REST API component, allowing for path traversal and...

6.9CVSS6.1AI score0.00575EPSS
Exploits0References2
Rows per page
Query Builder