EUVD-2025-12263

Malicious code in bioql PyPI...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

CVE-2025-43947

Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

CVE-2025-43947

Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...

PT-2025-17580 · Codemers · Codemers Klims

Name of the Vulnerable Software and Affected Versions: Codemers KLIMS version 1.6.DEV Description: The issue allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier, such as for sorting, which will get executed on the server side. Recommendation...

CVE-2025-43947

Codemers KLIMS 1.6.DEV is affected by CVE-2025-43947 due to a missing access-control mechanism that lets a normal KLIMS user perform admin actions (e.g., modify configuration, create users, upload files). Impact is elevated privileges within KLIMS as described; exploitation details are not provid...

CVE-2025-43947

Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...

Codemers KLIMS 安全漏洞

Codemers KLIMS is a system for laboratory information management from Codemers. A security vulnerability exists in Codemers KLIMS version 1.6.DEV, which stems from a missing access control mechanism that could lead to elevated privileges...

CVE-2025-43947

Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...

Codemers KLIMS 安全漏洞

Codemers KLIMS is a system for laboratory information management from Codemers. A security vulnerability exists in Codemers KLIMS version 1.6.DEV, which originates from Python code injection and could lead to server-side execution of arbitrary code...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

PT-2025-17579 · Codemers · Codemers Klims

Name of the Vulnerable Software and Affected Versions: Codemers KLIMS version 1.6.DEV Description: The issue is related to a lack of proper access control mechanism, allowing a normal user to perform actions that are typically restricted to administrators. This includes modifying the configuratio...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

CVE-2025-43948

CVE-2025-43948 affects Codemers KLIMS 1.6.DEV, where an input value for parameters/qualifiers can carry Python code that is executed on the server side, enabling remote code execution. Documents confirm the issue is due to Python code injection in KLIMS 1.6.DEV and describe potential server-side ...