Contec: >> Solarview Compact Security Vulnerabilities
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
CVSS Score
9.8
EPSS Score
0.008
Published
2023-10-27
SolarView Compact < 6.00 is vulnerable to Directory Traversal.
CVSS Score
7.5
EPSS Score
0.029
Published
2023-09-08
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
CVSS Score
9.1
EPSS Score
0.602
Published
2023-05-23
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
CVSS Score
9.8
EPSS Score
0.993
Published
2023-02-06
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
CVSS Score
9.8
EPSS Score
0.021
Published
2022-11-29
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.
CVSS Score
6.1
EPSS Score
0.016
Published
2022-11-29
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
CVSS Score
9.8
EPSS Score
0.295
Published
2022-11-17