5 matches found
CVE-2025-43947
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...
CVE-2025-43947
creationtimestamp| type| source ---|---|--- 2025-04-22 21:04:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12975 2025-04-22 21:09:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lngln2n5b52l 2025-04-22 22:35:22+00:00| seen|...
CVE-2025-43947
Codemers KLIMS 1.6.DEV is affected by CVE-2025-43947 due to a missing access-control mechanism that lets a normal KLIMS user perform admin actions (e.g., modify configuration, create users, upload files). Impact is elevated privileges within KLIMS as described; exploitation details are not provid...
CVE-2025-43947
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...
CVE-2025-43947
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configuration, creating a user, uploading files, etc...