Submit #797682: sims Latest Unauthorized Arbitrary File Delete Vulnerabilityinfo

Titlesims Latest Unauthorized Arbitrary File Delete Vulnerability
DescriptionRawchen/sims has an unauthorized arbitrary file download vulnerability. This vulnerability is due to the deletionFileServlet routing of sims-master/src/web/servlet/file/DeleteFileServlet.java without permission management, and the file name entered by the user is not filtered, causing the attacker to delete server-critical files without permission, which may lead to system paralysis, data loss or even complete service failure.
Source⚠️ https://github.com/yingxiujie/cve/issues/2
User
 yingxiujie (UID 96521)
Submission04/06/2026 06:56 (3 months ago)
Moderation04/25/2026 16:05 (19 days later)
StatusAccepted
VulDB entry359603 [rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de deleteFileServlet Endpoint DeleteFileServlet.java filename path traversal]
Points19

Want to know what is going to be exploited?

We predict KEV entries!