Contec: >> Conprosys Hmi System >> 3.5.3 Security Vulnerabilities
The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-07-01
The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-01