CVE-2025-56263 | by-night sms 1.0 /api/sms/upload/headImg unrestricted upload

September 16, 2025 Yanac

A vulnerability was found in by-night sms 1.0. It has been declared as critical. This affects an unknown part of the file /api/sms/upload/headImg. Executing manipulation can lead to unrestricted upload.

This vulnerability appears as CVE-2025-56263. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-10058 | WP Import Plugin up to 7.27 on WordPress upload_function denial of service
CVE-2025-56264 | zhangyd-c OneBlog 2.3.9 /api/comment denial of service