| Título | sims Latest Unauthorized Arbitrary File Download Vulnerability |
|---|
| Descrição | Rawchen/sims has an unauthorized arbitrary file download vulnerability. This vulnerability is due to the lack of permission management for the DownloadServlet route of sims-master/src/web/servlet/file/DownloadServlet.java, and the file name entered by the user is not filtered, resulting in the attacker to download important files, database configuration files, etc. of any system of the server without permission through the vulnerability. |
|---|
| Fonte | ⚠️ https://github.com/yingxiujie/cve/issues/3 |
|---|
| Utilizador | yingxiujie (UID 96521) |
|---|
| Submissão | 06/04/2026 06h57 (há 21 dias) |
|---|
| Moderação | 25/04/2026 16h05 (19 days later) |
|---|
| Estado | Duplicado |
|---|
| Entrada VulDB | 205148 [Sims 1.0 Attachment Download Travessia de Diretório] |
|---|
| Pontos | 0 |
|---|