Lg Simple Editor vulnerabilities
25 known vulnerabilities affecting lg/simple_editor.
Total CVEs
25
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL13HIGH9MEDIUM3
Vulnerabilities
Page 2 of 2
CVE-2023-40515P3HIGHCVSS 7.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40515 [HIGH] CWE-20 CVE-2023-40515: LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnera
LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the joinAddUser method. The issue results
nvd
CVE-2023-40514P3MEDIUMCVSS 6.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40514 [MEDIUM] CWE-22 CVE-2023-40514: LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information Disclosure
LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be
nvd
CVE-2023-40512P3MEDIUMCVSS 6.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40512 [MEDIUM] CWE-22 CVE-2023-40512: LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vuln
LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypas
nvd
CVE-2023-40513P3MEDIUMCVSS 6.5v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40513 [MEDIUM] CWE-22 CVE-2023-40513: LG Simple Editor UserManageController getImageByFilename Directory Traversal Information Disclosure
LG Simple Editor UserManageController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be by
nvd
CVE-2023-40516P3HIGHCVSS 7.8v3.21.0vLG Simple Editor 3.21.02024-05-03
CVE-2023-40516 [HIGH] CWE-732 CVE-2023-40516: LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vuln
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of LG Simple Editor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific fl
nvd
← Previous2 / 2