Lucene search
K

45 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-8725

Malware in sbrugna...

3.5CVSS6.1AI score0.00759EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25457

Malicious code in bioql PyPI...

8CVSS6.3AI score0.00345EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/08/23 4:16 p.m.6 views

CVE-2025-55743

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy...

8.8CVSS6.2AI score0.00446EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/23 4:16 p.m.8 views

CVE-2025-55744

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. This vulnerability is fixed in 0.2.1...

8.2CVSS6.1AI score0.00143EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/23 4:16 p.m.8 views

CVE-2025-55742

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1...

8CVSS5.5AI score0.00345EPSS
Exploits1References1
NVD
NVD
added 2025/08/22 4:15 p.m.7 views

CVE-2025-55741

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...

8.1CVSS0.00387EPSS
Exploits1References3
CVE
CVE
added 2025/08/22 4:4 p.m.30 views

CVE-2025-55741

UnoPim is a Laravel-based open-source PIM. In versions

8.1CVSS6.4AI score0.00387EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/08/22 4:4 p.m.6 views

CVE-2025-55741 unopim/unopim allows unauthorized product deletion via mass-delete endpoint

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...

8.1CVSS6.5AI score0.00387EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.3 views

UnoPim 安全漏洞

UnoPim is an open source Product Information Management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim 0.3.0 and earlier versions that stems from bypassing access control and could lead to unauthorized deletion of products...

8.1CVSS6.2AI score0.00387EPSS
Exploits1References5
NVD
NVD
added 2025/08/21 4:15 p.m.7 views

CVE-2025-55742

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1...

8CVSS0.00345EPSS
Exploits1References4
NVD
NVD
added 2025/08/21 4:15 p.m.7 views

CVE-2025-55744

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. This vulnerability is fixed in 0.2.1...

8.2CVSS0.00143EPSS
Exploits1References2
NVD
NVD
added 2025/08/21 4:15 p.m.7 views

CVE-2025-55743

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy...

8.8CVSS0.00446EPSS
Exploits1References2
CVE
CVE
added 2025/08/21 3:51 p.m.23 views

CVE-2025-55744

UnoPim CSRF in product-edit related endpoints (Laravel-based PIM) affects versions before 0.2.1. The CVE entries and related advisories confirm that some endpoints allow state-changing actions to be performed by an authenticated user without proper CSRF protection, enabling cross-site requests to...

8.2CVSS6.9AI score0.00143EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/08/21 3:51 p.m.4 views

CVE-2025-55744 UnoPim vulnerable to CSRF on Product edit feature and creation of other types

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. This vulnerability is fixed in 0.2.1...

8.2CVSS6.6AI score0.00143EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/21 3:36 p.m.2 views

CVE-2025-55742 UnoPim Stored XSS via SVG MIME/Sanitizer Bypass

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, UnoPim contains a stored cross-site scripting vulnerability via SVG MIME/sanitizer bypass in the /admin/settings/users/create endpoint. This vulnerability is fixed in 0.2.1...

8CVSS6.2AI score0.00345EPSS
Exploits1References4
CVE
CVE
added 2025/08/21 3:36 p.m.36 views

CVE-2025-55742

CVE-2025-55742 concerns UnoPim, a Laravel-based open-source PIM. The vulnerability is a stored XSS in the user-creation endpoint (/admin/settings/users/create) caused by a SVG MIME/sanitizer bypass. It affects UnoPim versions before 0.2.1 and is fixed in 0.2.1. The issue arises from insufficient ...

8CVSS6.2AI score0.00345EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.3 views

UnoPim 安全漏洞

UnoPim is an open source product information management PIM system based on the Laravel framework by UnoPim Open Source. A security vulnerability exists in UnoPim that stems from a vulnerability in the create user process that allows the creation of a new administrator account with the option to...

6.5CVSS6.3AI score0.0018EPSS
Exploits1References3
CNVD
CNVD
added 2023/05/21 12:0 a.m.17 views

Pimcore CSV Injection Vulnerability

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. Pimcore suffers from a CSV injection...

7.8CVSS7.4AI score0.00406EPSS
Exploits1References1
CNVD
CNVD
added 2023/05/18 12:0 a.m.19 views

Pimcore Cross-Site Scripting Vulnerability (CNVD-2023-41506)

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A cross-site scripting vulnerability exists in...

6.8CVSS5.1AI score0.00497EPSS
Exploits1References1
CNVD
CNVD
added 2023/05/18 12:0 a.m.16 views

Pimcore Cross-Site Scripting Vulnerability (CNVD-2023-43233)

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A cross-site scripting vulnerability exists in...

5.7CVSS5.9AI score0.00576EPSS
Exploits1References1
Rows per page
Query Builder