CVE-2025-7063 — Due to client-controlled permission check parameter, PAD CMS's file upload functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, wh — CVE Database · The Intelligence Room