Read Time:7 Second
This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
Daily Archives: August 24, 2023
ZDI-23-1206: (0Day) LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1207: (0Day) LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1208: (0Day) LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1209: (0Day) LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1210: (0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1211: (0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1212: (0Day) LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1213: (0Day) LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.
ZDI-23-1214: (0Day) LG Simple Editor getServerSetting Authentication Bypass Vulnerability
Read Time:7 Second
This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.