unopim/unopim Security Advisories for v0.1.6 (5)
-
[LOW] UnoPim has CSV Injection on Quick Export feature
PKSA-7fzm-dzrw-249j CVE-2025-55745 GHSA-74rg-6f92-g6wx
Affected version: <=0.3.0
Reported by:
GitHub -
[HIGH] UnoPim has Broken Access Control
PKSA-tywv-bnhp-z245 CVE-2025-55741 GHSA-8p2f-fx4q-75cx
Affected version: <=0.3.0
Reported by:
GitHub -
[MEDIUM] UnoPim vulnerable to CSRF on Product edit feature and creation of other types
PKSA-dfwt-ydb1-tqns CVE-2025-55744 GHSA-287x-6r2h-f9mw
Affected version: <=0.2.0
Reported by:
GitHub -
[HIGH] UnoPim vulnerable to remote code execution through Arbitrary File upload
PKSA-vdp8-1j4n-76b2 CVE-2025-55743 GHSA-v22v-xwh7-2vrm
Affected version: <=0.2.0
Reported by:
GitHub -
[MEDIUM] UnoPim has Stored Cross-site Scripting vulnerability in user creation functionality
PKSA-774b-f3x7-52bf CVE-2025-55742 GHSA-xr97-25v7-hc2q
Affected version: <=0.2.0
Reported by:
GitHub