All 6 CVE vulnerabilities found in unopim, with AI-generated Chinese analysis, references, and POCs.
Vendor: unopim
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-55745 | UnoPim Quick Export feature is vulnerable to CSV injection CWE-1236 | 8.8AI | HighAI | 2025-08-22 |
| CVE-2025-55741 | unopim/unopim allows unauthorized product deletion via mass-delete endpoint CWE-284 | 8.1 | High | 2025-08-22 |
| CVE-2025-55744 | UnoPim vulnerable to CSRF on Product edit feature and creation of other types CWE-352 | 8.8AI | HighAI | 2025-08-21 |
| CVE-2025-55743 | UnoPim vulnerable to remote code execution through Arbitrary File upload CWE-434 | 8.1AI | HighAI | 2025-08-21 |
| CVE-2025-55742 | UnoPim Stored XSS via SVG MIME/Sanitizer Bypass CWE-79 | 8.0 | High | 2025-08-21 |
| CVE-2024-52305 | UnoPim Stored XSS : Cookie hijacking through Create User function CWE-616 | 6.5 | Medium | 2024-11-13 |
All 6 known CVE vulnerabilities affecting unopim with full Chinese analysis, references, and POCs where available.