cbcvebase.

Lg Simple Editor vulnerabilities

25 known vulnerabilities affecting lg/simple_editor.

Total CVEs
25
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL13HIGH9MEDIUM3

Vulnerabilities

Page 1 of 2
CVE-2023-40504P1CRITICALCVSS 9.8PoCv3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40504 [CRITICAL] CWE-78 CVE-2023-40504: LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerabi LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the
nvd
CVE-2023-40498P1CRITICALCVSS 9.8PoCv3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40498 [CRITICAL] CWE-22 CVE-2023-40498: LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerabil LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the cp command implemented in the makeDetailContent me
nvd
CVE-2023-40497P1CRITICALCVSS 9.8v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40497 [CRITICAL] CWE-22 CVE-2023-40497: LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This vulnerability LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the saveXml command implemented in the makeDetailContent
nvd
CVE-2023-40492P2CRITICALCVSS 9.1v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40492 [CRITICAL] CWE-22 CVE-2023-40492: LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the deleteCheckSession method. The issue resu
nvd
CVE-2023-40494P2CRITICALCVSS 9.1v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40494 [CRITICAL] CWE-22 CVE-2023-40494: LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. This vulner LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the deleteFolder method. The issue results from th
nvd
CVE-2023-40502P2CRITICALCVSS 9.1v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40502 [CRITICAL] CWE-22 CVE-2023-40502: LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerabi LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the cropImage command. The issu
nvd
CVE-2023-40495P2HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40495 [HIGH] CWE-22 CVE-2023-40495: LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability. This vuln LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyTemplateAll method. The issue result
nvd
CVE-2023-40496P2HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40496 [HIGH] CWE-22 CVE-2023-40496: LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerability. This v LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyStickerCont
nvd
CVE-2023-40493P2CRITICALCVSS 9.8v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40493 [CRITICAL] CWE-22 CVE-2023-40493: LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This vul LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copySessionFolder com
nvd
CVE-2023-40505P2CRITICALCVSS 9.8v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40505 [CRITICAL] CWE-78 CVE-2023-40505: LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability. This LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the createThumbnailByMovie method. The issue
nvd
CVE-2023-40500P2CRITICALCVSS 9.8v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40500 [CRITICAL] CWE-749 CVE-2023-40500: LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vu LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyContent command
nvd
CVE-2023-40501P2CRITICALCVSS 9.8v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40501 [CRITICAL] CWE-749 CVE-2023-40501: LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vu LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyContent command
nvd
CVE-2023-40509P2CRITICALCVSS 9.1v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40509 [CRITICAL] CWE-22 CVE-2023-40509: LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability. This vulner LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the deleteCanvas method. The issue results from th
nvd
CVE-2023-40508P2CRITICALCVSS 9.1v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40508 [CRITICAL] CWE-22 CVE-2023-40508: LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability. This vulnera LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the putCanvasDB method. The issue results from the
nvd
CVE-2023-40499P2CRITICALCVSS 9.1v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40499 [CRITICAL] CWE-22 CVE-2023-40499: LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mkdir command implemented in the makeDetailContent me
nvd
CVE-2023-40510P3HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40510 [HIGH] CWE-200 CVE-2023-40510: LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows rem LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getServerSetting method. The issue results from the exposure of plai
nvd
CVE-2023-40511P3HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40511 [HIGH] CWE-200 CVE-2023-40511: LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows remote a LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the checkServer method. The issue results from the exposure of plaintext cred
nvd
CVE-2023-40507P3HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40507 [HIGH] CWE-611 CVE-2023-40507: LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. Th LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyConten
nvd
CVE-2023-40506P3HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40506 [HIGH] CWE-611 CVE-2023-40506: LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. Th LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyConten
nvd
CVE-2023-40503P3HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40503 [HIGH] CWE-611 CVE-2023-40503: LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability. Th LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the saveXmlFile method. Due to the i
nvd