8 matches found
EUVD-2025-29649
Malicious code in bioql PyPI...
CVE-2025-56263
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type...
CVE-2025-56263
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type...
CVE-2025-56263
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type...
CVE-2025-56263
The CVE-2025-56263 entry concerns by-night sms V1.0, which exposes an Arbitrary File Upload vulnerability via the /api/sms/upload/headImg endpoint. The root issue allows uploading arbitrary files of any size and type, enabling potential impact on confidentiality, integrity, and availability as re...
PT-2025-38078
Name of the Vulnerable Software and Affected Versions: by-night sms version 1.0 Description: The /api/sms/upload/headImg endpoint allows the upload of arbitrary files. Users can upload files of any size and type. Recommendations: As a temporary workaround, consider restricting access to the...
CVE-2025-56263
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type...
sms 安全漏洞
sms is a student grade management system by Jeffrey Personal Developer. A security vulnerability exists in version 1.0 of sms, which stems from the /api/sms/upload/headImg endpoint that allows the uploading of arbitrary files, which could lead to an arbitrary file upload attack...