45 matches found
EUVD-2014-8725
Malware in sbrugna...
EUVD-2025-25457
Malicious code in bioql PyPI...
CVE-2025-55743
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy...
CVE-2025-55744
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. This vulnerability is fixed in 0.2.1...
CVE-2025-55742
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1...
CVE-2025-55741
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...
CVE-2025-55741
UnoPim is a Laravel-based open-source PIM. In versions
CVE-2025-55741 unopim/unopim allows unauthorized product deletion via mass-delete endpoint
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...
UnoPim 安全漏洞
UnoPim is an open source Product Information Management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim 0.3.0 and earlier versions that stems from bypassing access control and could lead to unauthorized deletion of products...
CVE-2025-55742
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1...
CVE-2025-55744
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. This vulnerability is fixed in 0.2.1...
CVE-2025-55743
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy...
CVE-2025-55744
UnoPim CSRF in product-edit related endpoints (Laravel-based PIM) affects versions before 0.2.1. The CVE entries and related advisories confirm that some endpoints allow state-changing actions to be performed by an authenticated user without proper CSRF protection, enabling cross-site requests to...
CVE-2025-55744 UnoPim vulnerable to CSRF on Product edit feature and creation of other types
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. This vulnerability is fixed in 0.2.1...
CVE-2025-55742 UnoPim Stored XSS via SVG MIME/Sanitizer Bypass
UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1...
CVE-2025-55742
CVE-2025-55742 concerns UnoPim, a Laravel-based open-source PIM. The vulnerability is a stored XSS in the user-creation endpoint (/admin/settings/users/create) caused by a SVG MIME/sanitizer bypass. It affects UnoPim versions before 0.2.1 and is fixed in 0.2.1. The issue arises from insufficient ...
UnoPim 安全漏洞
UnoPim is an open source product information management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim that stems from a vulnerability in the create user process that allows the creation of a new administrator account with the option to...
Pimcore CSV Injection Vulnerability
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. Pimcore suffers from a CSV injection...
Pimcore Cross-Site Scripting Vulnerability (CNVD-2023-41506)
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A cross-site scripting vulnerability exists in...
Pimcore Cross-Site Scripting Vulnerability (CNVD-2023-43233)
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A cross-site scripting vulnerability exists in...