CNNVD-202508-2606 Information

CNNVD ID

CNNVD-202508-2606

Related CVE

CVE-2025-55743

• CNNVD Published: 2025-08-21

Description (Chinese)

UnoPim是UnoPim开源的一个基于 Laravel 框架的开源产品信息管理（PIM）系统。 UnoPim 0.2.1之前版本存在代码问题漏洞，该漏洞源于客户端文件类型验证不足，可能导致上传恶意文件。

Description (English)

UnoPim is an open-source product information management (PIM) system based on the Laravel framework. The pre-UnoPim 0.2.1 version had a code problem loophole, which stemmed from inadequate verification of client file types and could lead to the uploading of malicious documents.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

UnoPim

Published

2025-08-21

Last Modified

2026-02-24

References

https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn https://nvd.nist.gov/vuln/detail/CVE-2025-55743

Patch

https://unopim.com/download/