CVE-2025-56263
16.09.2025, 20:15
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.