CVE-2025-10097 SimStudioAI sim route.ts code injection

A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

CVE-2025-10097

CVE-2025-10097 affects SimStudioAI sim up to 1.0.0. The vulnerability is a code injection in the file apps/sim/app/api/function/execute/route.ts caused by manipulation of the code argument, with the attack described as remotely executable. The connected sources consistently reference arbitrary co...

CVE-2025-10096

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

CVE-2025-10096

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

CVE-2025-10096

The CVE-2025-10096 issue affects SimStudioAI sim versions up to 1.0.0, with the vulnerability residing in the file apps/sim/app/api/files/parse/route.ts. By manipulating the filePath argument, an attacker could trigger a server-side request forgery (SSRF) remotely. Public exploitation has been di...

CVE-2025-10096 SimStudioAI sim route.ts server-side request forgery

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

CVE-2025-10096 SimStudioAI sim route.ts server-side request forgery

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

PT-2025-36482

Name of the Vulnerable Software and Affected Versions: SimStudioAI sim versions up to 1.0.0 Description: A vulnerability exists in SimStudioAI sim up to version 1.0.0. The issue involves code injection due to the manipulation of the code argument within an unknown function of the file...

CVE-2025-9805

A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit...

CVE-2025-9801

A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and...

CVE-2025-9800

A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricte...

CVE-2025-9805

A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit...

CVE-2025-9805 SimStudioAI sim route.ts server-side request forgery

A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit...

CVE-2025-9805

CVE-2025-9805 affects SimStudioAI Sim up to commit 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2, with a server-side request forgery flaw in apps/sim/app/api/proxy/image/route.ts. The vulnerability can be exploited remotely after processing by the vulnerable code path; exploitation is public. Patch 34...

CVE-2025-9801 SimStudioAI sim path traversal

A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and...

CVE-2025-9801 SimStudioAI sim path traversal

A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and...

CVE-2025-9800 SimStudioAI sim HTML File route.ts import unrestricted upload

A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricte...

CVE-2025-9800

The CVE-2025-9800 entry corresponds to SimStudioAI, where the vulnerability resides in the Import function of the file apps/sim/app/api/files/upload/route.ts within the HTML File Parser component. The root cause is manipulation of the File argument, leading to unrestricted file upload and potenti...

PT-2025-35515

Name of the Vulnerable Software and Affected Versions: SimStudioAI affected versions not specified Description: A weakness exists in the function Import of the file apps/sim/app/api/files/upload/route.ts within the HTML File Parser component. Manipulation of the File argument can lead to...

PT-2025-35516

Name of the Vulnerable Software and Affected Versions: SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af Description: A security vulnerability has been detected that allows for path traversal through manipulation of the filePath argument. Remote exploitation is possible, and the...