Security Advisory

CVE-2025-56263

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-16 00:00:00

Last updated 2025-09-17 13:54:59

Assigner mitre

State PUBLISHED

Description

by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type.

← Browse all CVEs View on cve.org ↗