| 标题 | sims Latest Unauthorized Arbitrary File Download Vulnerability |
|---|
| 描述 | Rawchen/sims has an unauthorized arbitrary file download vulnerability. This vulnerability is due to the lack of permission management for the DownloadServlet route of sims-master/src/web/servlet/file/DownloadServlet.java, and the file name entered by the user is not filtered, resulting in the attacker to download important files, database configuration files, etc. of any system of the server without permission through the vulnerability. |
|---|
| 来源 | ⚠️ https://github.com/yingxiujie/cve/issues/3 |
|---|
| 用户 | yingxiujie (UID 96521) |
|---|
| 提交 | 2026-04-06 06時57分 (22 日前) |
|---|
| 管理 | 2026-04-25 16時05分 (19 days later) |
|---|
| 状态 | 重复 |
|---|
| VulDB条目 | 205148 [Sims 1.0 Attachment Download 目录遍历] |
|---|
| 积分 | 0 |
|---|