43 matches found
CVE-2022-34551
Sims v1.0 was discovered to allow path traversal when downloading attachments...
CVE-2022-34549
Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file...
Path traversal
Sims v1.0 was discovered to allow path traversal when downloading attachments...
CVE-2022-34551
CVE-2022-34551 affects Sims v1.0 and is a path-traversal vulnerability in the attachments download function. The issue enables traversal of the file system when downloading attachments, potentially exposing sensitive data (C: high confidentiality impact stated). No explicit exploitation details a...
CVE-2022-34551
Sims v1.0 was discovered to allow path traversal when downloading attachments...
CVE-2022-34549
Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file...
CVE-2022-34549
CVE-2022-34549 concerns Sims v1.0, which contains an arbitrary file upload vulnerability in the /uploadServlet. The underlying issue allows attackers to escalate privileges and execute arbitrary commands by crafting a file. The NVD/associated reports rate this as a high-severity, network-exposed ...
CVE-2022-34550
The CVE-2022-34550 issue affects Sims v1.0, where a cross-site scripting (XSS) vulnerability exists in the/addNotifyServlet. It allows an attacker to inject arbitrary web scripts/HTML via the notifyInfo parameter, enabling user-facing script execution. The NVD entry lists CVSS v3.1 base metrics (...
Sims 路径遍历漏洞
Sims is a student information management system by the Chinese individual developer RawChen. A security vulnerability exists in Sims v1.0, which originates from allowing path traversal when downloading attachments...
Sims 跨站脚本漏洞
Sims is a student information management system by the Chinese individual developer RawChen. A security vulnerability exists in Sims v1.0, which originates from a cross-site scripting XSS vulnerability discovered via the component /addNotifyServlet. An attacker can exploit this vulnerability to...
Sims 代码问题漏洞
Sims is a student information management system by the Chinese individual developer RawChen. A security vulnerability exists in Sims v1.0, which stems from an arbitrary file upload vulnerability in the component /uploadServlet. An attacker can exploit this vulnerability by creating a specially...
PT-2022-22202 · Sims · Sims
Name of the Vulnerable Software and Affected Versions: Sims version 1.0 Description: The issue allows path traversal when downloading attachments. Recommendations: For Sims version 1.0, consider restricting access to attachment downloads until a patch is available...
PT-2022-22200 · Sims · Sims
Name of the Vulnerable Software and Affected Versions: Sims version 1.0 Description: The issue allows attackers to escalate privileges and execute arbitrary commands via a crafted file, exploiting an arbitrary file upload vulnerability in the /uploadServlet component. Recommendations: For Sims...
The NSA and FBI Expose Fancy Bear's Sneaky Hacking Tool
Plus: TikTok tracking, Russian SIMs, and more of this week's top security news...
SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks
Until now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS. If you are unaware, the name "SimJacker" has...
The Sims™ 4 Gallery - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application The Sims™ 4 Gallery published at the 'play' market has multiple vulnerabilities...
Launch Day App The Sims 4 - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities
HackApp vulnerability scanner discovered that application Launch Day App The Sims 4 published at the 'play' market has multiple vulnerabilities...
LG Game Pad: The Sims FreePlay - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application LG Game Pad: The Sims FreePlay published at the 'play' market has multiple vulnerabilities...
newsletter.sims-magazin.de XSS vulnerability
Open Bug Bounty ID: OBB-57429 Description| Value ---|--- Affected Website:| newsletter.sims-magazin.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventi...
Facebook Game - The Sims Social Detected (deprecated)
Binary data 6390.prm...