LG Simple Editor 漏洞列表

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.

LG Simple Editor存在远程代码执行漏洞。此漏洞是由于uploadImage.do对用户上传的文件缺乏校验导致的。

LG Simple Editor中存在目录遍历漏洞。该漏洞是由于处理copyStickerContent命令时对输入验证不当造成的。

LG Simple Editor中存在目录遍历漏洞。此漏洞是由于deleteFolder方法中对输入的数据验证不正确导致的。

LG Simple Editor中存在任意文件读取漏洞，此漏洞是由于folderManager接口未充分验证用户输入的数据所导致的。