rawchen/sims

rawchen/sims

sims.rawchen.com

Releases0

Stars230

学生信息管理系统SIMS，Java Servlet And Jsp.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-34549 ↗	Jul 27, 2022Wednesday, 27 July 2022, 14:15	8.8 HIGH	—
Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file.
CVE-2022-34550 ↗	Jul 27, 2022Wednesday, 27 July 2022, 14:15	5.4 MEDIUM	—
Sims v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /addNotifyServlet. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notifyInfo parameter.
CVE-2022-34551 ↗	Jul 27, 2022Wednesday, 27 July 2022, 14:15	6.5 MEDIUM	—
Sims v1.0 was discovered to allow path traversal when downloading attachments.