A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function upload_bgm_file of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely.

CVE Database V5

Detailed information about CVE-2025-7895: Unrestricted Upload in harry0703 MoneyPrinterTurbo affecting harry0703 MoneyPrinterTurbo. Get real-time updates, techn

CVE-2025-7895: Unrestricted Upload in harry0703 MoneyPrinterTurbo - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7895: Unrestricted Upload in harry0703 MoneyPrinterTurbo

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Detailed information about CVE-2025-46383: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Emby Windows af

CVE-2025-46383: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Emby Windows - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-46383: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Emby Windows

A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This issue affects the function generate_simple_sql of the file backend/onyx/agents/agent_search/kb_search/nodes/a3_generate_simple_sql.py of the component Chat Interface. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-7894 is a critical SQL injection vulnerability identified in the Onyx software, specifically affecting versions 0.29.0 and 0.29.1. The flaw resides in the function generate_simple_sql within the file backend/onyx/agents/agent_search/kb_search/nodes/a3_generate_simple_sql.py, which is part of the Chat Interface component. This vulnerability allows an attacker to manipulate SQL queries by injecting malicious input, potentially enabling unauthorized access to or modification of the underlying database. The attack vector is remote, requiring no user interaction, and can be exploited without authentication, increasing the risk profile. Although the CVSS 4.0 score is 5.3 (medium severity), the vulnerability's characteristics—remote exploitability, no user interaction, and potential for data compromise—suggest significant risk. The vendor has not responded to early disclosure attempts, and no patches are currently available. No known exploits are reported in the wild yet, but public disclosure increases the likelihood of exploitation attempts. The vulnerability impacts the confidentiality, integrity, and availability of data managed by Onyx, especially within its Chat Interface module, which may be critical for organizations relying on this software for communication or knowledge management.

Detailed information about CVE-2025-7894: SQL Injection in Onyx affecting null Onyx. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-7894: SQL Injection in Onyx - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7894: SQL Injection in Onyx

Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy

Source: https://www.varonis.com/blog/applocker-bypass-risks

The security threat concerns the discovery of bypass risks in Microsoft's AppLocker when using the suggested block-list policy. AppLocker is a Windows feature designed to restrict which applications and executable files users can run, thereby enforcing application control policies to prevent unauthorized or malicious software execution. The suggested block-list policy is a commonly recommended configuration that blocks known unwanted applications. However, recent analysis, as highlighted in a Varonis blog post shared on Reddit's NetSec community, reveals that this block-list approach can be circumvented by attackers through copy-paste pitfalls and other bypass techniques. These bypasses exploit gaps in the policy's coverage or weaknesses in how AppLocker interprets and enforces rules, allowing malicious actors to execute unauthorized code despite the presence of AppLocker controls. Although no specific affected versions or CVEs are listed, the medium severity rating indicates that while exploitation may require some skill or conditions, the risk is tangible. The lack of known exploits in the wild suggests this is a newly identified issue, possibly theoretical or proof-of-concept at this stage. The discussion level is minimal, indicating limited public discourse or detailed technical analysis currently available. This threat highlights the importance of carefully designing and testing AppLocker policies beyond default or suggested block-lists to ensure comprehensive application control and prevent privilege escalation or malware execution via bypass techniques.

Reddit NetSec

Detailed information about Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy. Get real-time updates, technical detail

Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy - Live Threat Intelligence - Threat Radar | OffSeq.com

Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy

Reddit Discussion: Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Detailed information about CVE-2025-46382: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in CyberArk IDP affecting CyberArk IDP. Get real-t