6 matches found
CVE-2022-34550
Sims v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter...
CVE-2022-34549
Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file...
CVE-2022-34551
Sims v1.0 was discovered to allow path traversal when downloading attachments...
CVE-2022-34550
Sims v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter...
CVE-2022-34551
Sims v1.0 was discovered to allow path traversal when downloading attachments...
CVE-2022-34549
Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file...