📦 Sim
by Sim
🔍 What is Sim?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
SimStudio versions below 0.5.74 have MongoDB tool endpoints that accept arbitrary connection parameters without authentication or host restrictions. This allows attackers to connect to any reachable M...
This vulnerability allows remote attackers to bypass authentication in simstudioai sim by manipulating the INTERNAL_API_SECRET argument in the CRON Secret Handler component. Attackers can potentially ...
This critical vulnerability in SimStudioAI allows unauthenticated remote attackers to bypass authentication and upload files via the session handler API. It affects all SimStudioAI installations up to...
This vulnerability allows remote attackers to execute arbitrary code on SimStudioAI sim servers by injecting malicious code through the 'code' parameter in the execute route API. It affects all users ...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in SimStudioAI sim software up to version 1.0.0. Attackers can manipulate the filePath parameter in the route.ts API endpoint to m...
This vulnerability allows remote attackers to upload arbitrary files to SimStudioAI sim applications due to insufficient validation in the HTML File Parser component. Attackers can exploit this to pot...
This CVE describes a path traversal vulnerability in SimStudioAI sim software where manipulation of the filePath argument allows attackers to access files outside the intended directory. Remote exploi...