| Titre | sims Latest Unauthorized Arbitrary File Delete Vulnerability |
|---|
| Description | Rawchen/sims has an unauthorized arbitrary file download vulnerability. This vulnerability is due to the deletionFileServlet routing of sims-master/src/web/servlet/file/DeleteFileServlet.java without permission management, and the file name entered by the user is not filtered, causing the attacker to delete server-critical files without permission, which may lead to system paralysis, data loss or even complete service failure. |
|---|
| La source | ⚠️ https://github.com/yingxiujie/cve/issues/2 |
|---|
| Utilisateur | yingxiujie (UID 96521) |
|---|
| Soumission | 06/04/2026 06:56 (il y a 21 jours) |
|---|
| Modérer | 25/04/2026 16:05 (19 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 359603 [rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java filename directory traversal] |
|---|
| Points | 19 |
|---|