CVE-2025-55743

UnoPim (Laravel-based PIM) is vulnerable to Remote Code Execution via Arbitrary File Upload, due to insufficient client-side validation of image uploads in the user-creation flow. Attackers can craft and replace an uploaded image (e.g., poc.php) to execute code when accessed. The issue is fixed i...

CVE-2023-2816

Consul and Consul Enterprise allowed any user with service:write permissions to use Envoy extensions configured via service-defaults to patch remote proxy instances that target the configured service, regardless of whether the user has permission to modify the services corresponding to those...

WebClientPrint Processor 2.0.15.109 Unauthorized Proxy Modification Vulnerability

RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor WCPP. This proxy setting may be distributed via specially crafted websites and is set without any user interaction as soon as the website is accessed...

WebClientPrint Processor 2.0.15.109 Unauthorized Proxy Modification

Advisory: WebClientPrint Processor 2.0: Unauthorised Proxy Modification RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor WCPP. This proxy setting may be distributed via specially crafted websites and...