CVEs (7)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Contec 1Solarview Compact Firmware Nov 21, 2024 Oct 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component. |
SolarView Compact < 6.00 is vulnerable to Directory Traversal. |
1Contec 1Solarview Compact Firmware Jan 17, 2025 May 23, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted. |
1Contec 1Solarview Compact Firmware Mar 26, 2025 Feb 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php. |
1Contec 1Solarview Compact Firmware Apr 25, 2025 Nov 29, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php. |
1Contec 1Solarview Compact Firmware Apr 25, 2025 Nov 29, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file. |
1Contec 1Solarview Compact Firmware Apr 29, 2025 Nov 17, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php |