CVE-2023-40509 LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...

CVE-2023-40508

LG Simple Editor exposes CVE-2023-40508: a Directory Traversal in putCanvasDB allows an unauthenticated attacker to delete arbitrary files, executing in SYSTEM context. The flaw stems from insufficient validation of a user-supplied path before file operations in putCanvasDB, with exploitation via...

CVE-2023-40508 LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

CVE-2023-40502

LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability affects LG Simple Editor. The flaw stems from improper validation of a user-supplied path in the cropImage command, allowing remote attackers to delete arbitrary files with SYSTEM context. Affected components inc...

CVE-2023-40500

The CVE-2023-40500 entry covers LG Simple Editor: a remote code execution via the copyContent function caused by unvalidated user-supplied paths in file operations. It enables network-remote execution with no authentication, leading to SYSTEM-level code execution. Documented in ZDI-23-1206 and ec...

CVE-2023-40499

LG Simple Editor contains a directory traversal vulnerability in the mkdir implementation of makeDetailContent that fails to validate a user-supplied path before file operations. This allows remote attackers to delete arbitrary files on the host in SYSTEM context, without authentication. Public d...

CVE-2023-40499 LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2023-40499 LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2023-40498 LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability

LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within th...

CVE-2023-40498

LG Simple Editor (cp command in makeDetailContent) suffers a directory-traversal vulnerability leading to remote code execution with SYSTEM context. Lack of validation on user-supplied paths in file operations is the root cause. Affected product is LG Simple Editor; CVE-2023-40498 is documented a...

CVE-2023-40498 LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability

LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within th...

CVE-2023-40496

LG Simple Editor copyStickerContent Directory Traversal Information Disclosure vulnerability (CVE-2023-40496) allows remote attackers to disclose sensitive information without authentication. The flaw arises from insufficient validation of a user-supplied path in the copyStickerContent command, e...

CVE-2023-40495 LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability

LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-40495 LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability

LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-40493

LG Simple Editor is affected by a remote code execution through copySessionFolder Directory Traversal. The flaw arises from insufficient validation of a user-supplied path used in file operations, enabling an attacker to execute code in the SYSTEM context without authentication. Affected product:...

CVE-2023-40494 LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...

CVE-2023-40494

LG Simple Editor (Luckin, LG Korea) is affected by a Directory Traversal vulnerability in the deleteFolder method, due to insufficient validation of a user-supplied path. This allows remote attackers to delete arbitrary files with SYSTEM context, without authentication. Multiple sources (includin...

CVE-2023-40492 LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVE-2023-40492 LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVE-2023-40492

LG Simple Editor vulnerability (CVE-2023-40492) in deleteCheckSession: a directory traversal flaw allows remote attackers to delete arbitrary files without authentication, executing with SYSTEM privileges. Root cause is lack of validation of a user-supplied path before file operations. Connected ...