CVE-2025-55743
UnoPim (Laravel-based PIM) is vulnerable to Remote Code Execution via Arbitrary File Upload, due to insufficient client-side validation of image uploads in the user-creation flow. Attackers can craft and replace an uploaded image (e.g., poc.php) to execute code when accessed. The issue is fixed i...