2 matches found
CVE-2022-34549
CVE-2022-34549 concerns Sims v1.0, which contains an arbitrary file upload vulnerability in the /uploadServlet. The underlying issue allows attackers to escalate privileges and execute arbitrary commands by crafting a file. The NVD/associated reports rate this as a high-severity, network-exposed ...
CVE-2022-34551
CVE-2022-34551 affects Sims v1.0 and is a path-traversal vulnerability in the attachments download function. The issue enables traversal of the file system when downloading attachments, potentially exposing sensitive data (C: high confidentiality impact stated). No explicit exploitation details a...