Codemers KLIMS Python Code Injection Vulnerability

Vulnerability

A Python code injection vulnerability has been identified in Codemers KLIMS version 1.6.DEV. This issue allows users to submit Python code as input for certain parameters or qualifiers, such as sorting, which is then executed on the server side.

Impact

Exploitation of this vulnerability allows for arbitrary Python code execution on the server.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Codemers KLIMS Python Code Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating