CVE-2023-46509
- EPSS 0.63%
- Published 27.10.2023 21:15:09
- Last modified 21.11.2024 08:28:37
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
CVE-2023-40924
- EPSS 9.13%
- Published 08.09.2023 13:15:08
- Last modified 21.11.2024 08:20:18
SolarView Compact < 6.00 is vulnerable to Directory Traversal.
CVE-2023-29919
- EPSS 91.56%
- Published 23.05.2023 01:15:09
- Last modified 17.01.2025 19:15:28
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
CVE-2023-23333
- EPSS 94.22%
- Published 06.02.2023 22:15:09
- Last modified 26.03.2025 19:15:22
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
CVE-2022-44354
- EPSS 1.41%
- Published 29.11.2022 17:15:11
- Last modified 25.04.2025 16:15:24
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
CVE-2022-44355
- EPSS 0.21%
- Published 29.11.2022 17:15:11
- Last modified 25.04.2025 15:15:32
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.
CVE-2022-40881
- EPSS 93.67%
- Published 17.11.2022 04:15:10
- Last modified 29.04.2025 21:15:48
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php