CVE-2025-55744
- EPSS 0.03%
- Veröffentlicht 21.08.2025 15:51:43
- Zuletzt bearbeitet 22.08.2025 21:52:35
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery (CSRF). This vulnerability is fixed in 0.2.1.
CVE-2025-55743
- EPSS 0.06%
- Veröffentlicht 21.08.2025 15:45:32
- Zuletzt bearbeitet 22.08.2025 21:53:47
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploadi...
CVE-2025-55742
- EPSS 0.04%
- Veröffentlicht 21.08.2025 15:36:07
- Zuletzt bearbeitet 22.08.2025 21:55:09
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint....
CVE-2024-52305
- EPSS 0.04%
- Veröffentlicht 13.11.2024 16:15:20
- Zuletzt bearbeitet 19.11.2024 18:04:12
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. A vulnerability exists in the Create User process, allowing the creation of a new admin account with an option to upload a profile image. An attacker...