| Titre | sims Latest Unauthorized Arbitrary File Download Vulnerability |
|---|
| Description | Rawchen/sims has an unauthorized arbitrary file download vulnerability. This vulnerability is due to the lack of permission management for the DownloadServlet route of sims-master/src/web/servlet/file/DownloadServlet.java, and the file name entered by the user is not filtered, resulting in the attacker to download important files, database configuration files, etc. of any system of the server without permission through the vulnerability. |
|---|
| La source | ⚠️ https://github.com/yingxiujie/cve/issues/3 |
|---|
| Utilisateur | yingxiujie (UID 96521) |
|---|
| Soumission | 06/04/2026 06:57 (il y a 22 jours) |
|---|
| Modérer | 25/04/2026 16:05 (19 days later) |
|---|
| Statut | Dupliqué |
|---|
| Entrée VulDB | 205148 [Sims 1.0 Attachment Download directory traversal] |
|---|
| Points | 0 |
|---|