CNNVD-202508-2708 Information

CNNVD ID

CNNVD-202508-2708

Related CVE

CVE-2025-55745

• CNNVD Published: 2025-08-22

Description (Chinese)

UnoPim是UnoPim开源的一个基于 Laravel 框架的开源产品信息管理（PIM）系统。 UnoPim 0.3.0及之前版本存在安全漏洞，该漏洞源于CSV注入，可能导致远程代码执行。

Description (English)

UnoPim is an open-source product information management (PIM) system based on the Laravel framework. There is a security loophole in UnoPim 0.30 and previous versions, which originated from the CSV injection and could lead to remote code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

UnoPim

Published

2025-08-22

Last Modified

2026-02-24

References

https://github.com/unopim/unopim/security/advisories/GHSA-74rg-6f92-g6wx https://github.com/unopim/unopim/commit/b25db9496fc147842a519d1dd42ec03c3bf00a34 https://nvd.nist.gov/vuln/detail/CVE-2025-55745 https://access.redhat.com/security/cve/cve-2025-55745

Patch

https://unopim.com/download/