83 matches found
LG SuperSign EZ CMS 2.5 - Local File Inclusion
LG SuperSign EZ CMS 2.5 - Local File Inclusion Exploit Title: LG SuperSign EZ CMS 2.5 - Local File Inclusion Date: 2018-09-13 Exploit Author: Alejandro Fanjul Vendor Homepage: https://www.lg.com/ar/software-lg-supersign Version: SuperSign EZ CMS Tested on: Web OS 4.0 CVE : CVE-2018-16288 More inf...
LG SuperSign EZ CMS 2.5 Local File Inclusion
Exploit Title: LG SuperSign EZ CMS 2.5 - Local File Inclusion Date: 2018-09-13 Exploit Author: Alejandro Fanjul Vendor Homepage: https://www.lg.com/ar/software-lg-supersign Version: SuperSign EZ CMS Tested on: Web OS 4.0 CVE : CVE-2018-16288 More info:...
LG SuperSign EZ CMS 2.5 - Local File Inclusion Vulnerability
Exploit for hardware platform in category web applications Exploit Title: LG SuperSign EZ CMS 2.5 - Local File Inclusion Exploit Author: Alejandro Fanjul Vendor Homepage: https://www.lg.com/ar/software-lg-supersign Version: SuperSign EZ CMS Tested on: Web OS 4.0 CVE : CVE-2018-16288 More info:...
LG SuperSign EZ CMS 2.5 - Local File Inclusion
Exploit Title: LG SuperSign EZ CMS 2.5 - Local File Inclusion Date: 2018-09-13 Exploit Author: Alejandro Fanjul Vendor Homepage: https://www.lg.com/ar/software-lg-supersign Version: SuperSign EZ CMS Tested on: Web OS 4.0 CVE : CVE-2018-16288 More info:...
LG SuperSign CMS File Upload Vulnerability
LG SuperSign CMS is a content management system for LG webOS from the Luckin LG Group in Korea. The system supports connection to external databases and allows access to the server from mobile devices. A file upload vulnerability exists in LG SuperSign CMS, which can be exploited by an attacker...
LG SuperSign CMS Arbitrary File Read Vulnerability
LG SuperSign CMS is a content management system for LG webOS from the Luckin LG Group in Korea. The system supports connection to external databases and allows access to the server from mobile devices. An arbitrary file read vulnerability exists in LG SuperSign CMS, which can be exploited by an...
CVE-2018-16288
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs...
CVE-2018-16706
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsrserver/device/reboot on port 9080...
CVE-2018-16287
LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs...
CVE-2018-16288
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs...
CVE-2018-16286
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits...
Authentication flaw
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits...
Code injection
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs...
Authentication flaw
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsrserver/device/reboot on port 9080...
Unrestricted file upload
LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs...
CVE-2018-16286
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits...
CVE-2018-16288
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs...
CVE-2018-16706
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsrserver/device/reboot on port 9080...
CVE-2018-16287
LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs...
CVE-2018-16706
CVE-2018-16706 affects LG SuperSign CMS. The issue allows remote reboot of TVs without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080. Root cause details are not elaborated in the provided documents beyond the reboot mechanism. Impact is high availability loss ...