unopim/unopim Security Advisories for v0.1.3 (7)
-
[LOW] UnoPim has CSV Injection on Quick Export feature
PKSA-7fzm-dzrw-249j CVE-2025-55745 GHSA-74rg-6f92-g6wx
Affected version: <=0.3.0
Reported by: GitHub
-
[HIGH] UnoPim has Broken Access Control
PKSA-tywv-bnhp-z245 CVE-2025-55741 GHSA-8p2f-fx4q-75cx
Affected version: <=0.3.0
Reported by: GitHub
-
[MEDIUM] UnoPim vulnerable to CSRF on Product edit feature and creation of other types
PKSA-dfwt-ydb1-tqns CVE-2025-55744 GHSA-287x-6r2h-f9mw
Affected version: <=0.2.0
Reported by: GitHub
-
[HIGH] UnoPim vulnerable to remote code execution through Arbitrary File upload
PKSA-vdp8-1j4n-76b2 CVE-2025-55743 GHSA-v22v-xwh7-2vrm
Affected version: <=0.2.0
Reported by: GitHub
-
[MEDIUM] UnoPim has Stored Cross-site Scripting vulnerability in user creation functionality
PKSA-774b-f3x7-52bf CVE-2025-55742 GHSA-xr97-25v7-hc2q
Affected version: <=0.2.0
Reported by: GitHub
-
[MEDIUM] UnoPim Stored XSS : Cookie hijacking through Create User function
PKSA-fsnw-tkmh-pqct CVE-2024-52305 GHSA-cgr4-c233-h733
Affected version: <0.1.5
Reported by: GitHub
-
[MEDIUM] UnoPim Cross-site Scripting vulnerability
PKSA-xc9k-zv8p-6ymy CVE-2024-50637 GHSA-hv6m-qj65-26q3
Affected version: <0.1.4
Reported by: GitHub