CVE-2026-8115

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

GHSA-935G-9RQ5-Q95C short-video-maker has a path traversal vulnerability

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

short-video-maker has a path traversal vulnerability

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

NPM: short-video-maker has a path traversal vulnerability

NPM: short-video-maker has a path traversal vulnerability discovered by ? in WordPress Npm short-video-maker versions = 1.3.4...

EUVD-2026-28472

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

Directory Traversal

Overview short-video-maker is a Creates short videos for TikTok, Instagram Reels, and YouTube Shorts using the Model Context Protocol MCP and a REST API. Affected versions of this package are vulnerable to Directory Traversal via the req.params.tmpFile parameter in the REST API. An attacker can...

CVE-2026-8115 gyoridavid short-video-maker REST API rest.ts path traversal

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

CVE-2026-8115 gyoridavid short-video-maker REST API rest.ts path traversal

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

CVE-2026-8115

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

CVE-2026-8115

CVE-2026-8115 affects gyoridavid short-video-maker (up to v1.3.4). The vulnerability is in the REST API component, specifically the file path src/server/routers/rest.ts. An input manipulation of req.params.tmpFile enables path traversal, with remote exploitation possible. Public exploit exists. T...

Short Video Maker 路径遍历漏洞

Short Video Maker is an automated short video generation tool developed by David Gyori. Versions of Short Video Maker 1.3.4 and earlier had a path traversal vulnerability. This vulnerability stemmed from the paramics.tmpFile operation in the REST API component, allowing for path traversal and...

Glitch Video Maker - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Glitch Video Maker published at the 'play' market has multiple vulnerabilities...

Photo Video Maker - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Photo Video Maker published at the 'play' market has multiple vulnerabilities...

KlipMix - Free Video Maker - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application KlipMix - Free Video Maker published at the 'play' market has multiple vulnerabilities...

Video Maker - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Video Maker published at the 'play' market has multiple vulnerabilities...

Video Maker - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Video Maker published at the 'play' market has multiple vulnerabilities...

Dance Video Maker - Dynamic Code Loading, External URLs, Runtime command execution vulnerabilities

HackApp vulnerability scanner discovered that application Dance Video Maker published at the 'play' market has multiple vulnerabilities...

Don't Judge Me Video Maker - MIT license, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Don't Judge Me Video Maker published at the 'play' market has multiple vulnerabilities...

Triller - Music Video Maker - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Triller - Music Video Maker published at the 'play' market has multiple vulnerabilities...

Mini Video Maker - Slide Show - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Mini Video Maker - Slide Show published at the 'play' market has multiple vulnerabilities...