CVE-2022-29298

🗓️ 12 May 2022 15:17:13Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 83 Views🌐 WEB

SolarView Compact v6.00, CVE-2022-29298, directory traversal vulnerabilit

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2022-29298	12 May 202216:15	–	attackerkb
Circl	CVE-2022-29298	12 May 202220:42	–	circl
CNNVD	Contec SolarView Compact 路径遍历漏洞	12 May 202200:00	–	cnnvd
Cvelist	CVE-2022-29298	12 May 202215:17	–	cvelist
Exploit DB	SolarView Compact 6.00 - Directory Traversal	3 Jun 202200:00	–	exploitdb
Japan Vulnerability Notes	Multiple vulnerabilities in CONTEC SolarView Compact	27 May 202206:28	–	jvn
Nuclei	SolarView Compact 6.00 - Local File Inclusion	6 Jun 202603:01	–	nuclei
NVD	CVE-2022-29298	12 May 202216:15	–	nvd
OSV	CVE-2022-29298	12 May 202216:15	–	osv
Packet Storm	SolarView Compact 6.00 Directory Traversal	3 Jun 202200:00	–	packetstorm

NVD

Node

AND

Source	Link
drive	www.drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view
packetstormsecurity	www.packetstormsecurity.com/files/167383/SolarView-Compact-6.00-Directory-Traversal.html

Parameter	Position	Path	Description	CWE
file	query param	downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg	Directory traversal to access sensitive files via downloader.php	CWE-22

21 Nov 2024 06:58Current

7.4High risk

Vulners AI Score7.4

CVSS 25

CVSS 3.17.5

EPSS0.81118