Lg Supersign Cms vulnerabilities
5 known vulnerabilities affecting lg/supersign_cms.
Total CVEs
5
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2018-17173P1CRITICALCVSS 9.8ExploitedPoCv2.52018-09-21
CVE-2018-17173 [CRITICAL] CWE-94 CVE-2018-17173: LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qs
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
nvd
CVE-2018-16288P2HIGHCVSS 8.6PoCv2.52018-09-14
CVE-2018-16288 [HIGH] CWE-200 CVE-2018-16288: LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
nvd
CVE-2024-6179P4MEDIUMCVSS 6.1≥ 4.1.3, < 4.3.12024-06-20
CVE-2024-6179 [MEDIUM] CWE-79 CVE-2024-6179: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
nvd
CVE-2024-6177P4MEDIUMCVSS 6.1≥ 4.1.3, < 4.3.12024-06-20
CVE-2024-6177 [MEDIUM] CWE-79 CVE-2024-6177: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
nvd
CVE-2024-6178P4MEDIUMCVSS 6.1≥ 4.1.3, < 4.3.12024-06-20
CVE-2024-6178 [MEDIUM] CWE-79 CVE-2024-6178: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
nvd