cvedb.io
CVE-2025-55743
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2025-08-21T16:15:34.467 · Last modified 2026-06-17T09:42:09.257

Summary

UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload in the user creation feature performs only client-side file type validation. A user can upload an image, capture the request through a proxy such as Burp Suite, and change the file extension and content. The vulnerability is fixed in 0.2.1.

Affected products

webkul — unopim

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.