CVE-2022-31373

SolarView Compact v6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component SolarAiConf.php...

CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

CVE-2022-31373

SolarView Compact v6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component SolarAiConf.php...

CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

Privilege escalation

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

Cross site scripting

SolarView Compact v6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component SolarAiConf.php...

CVE-2022-31373

SolarView Compact v6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component SolarAiConf.php...

CVE-2022-31374

CVE-2022-31374 affects Contec SolarView Compact 6.0. The vulnerability is an arbitrary file upload in /images/background/1.php that allows an attacker to execute arbitrary code by submitting a crafted PHP file. Root cause: improper handling/filtration of input in the image handling path leading t...

CVE-2022-31373

SolarView Compact (v6.0/6.00) contains a cross-site scripting vulnerability in the Solar_AiConf.php component. An attacker can inject script that runs in the victim’s browser, potentially leading to session hijacking or credential theft. Root cause described across sources is insufficient input v...

CVE-2022-31374

An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file...

Contec SolarView Compact 跨站脚本漏洞

Contec SolarView Compact is an application from Contec Japan, Inc. Contec SolarView Compact v6.0 contains a cross-site scripting vulnerability that originates in the component SolarAiConf.php, which lacks a data validation filter for user-supplied data and output. An attacker could exploit this...

Contec SolarView Compact 代码问题漏洞

Contec SolarView Compact is an application from Contec Japan, Inc. Contec SolarView Compact v6.0 contains a remote code execution vulnerability that stems from a failure of SolarImage.php to properly filter special elements of the construction snippet. An attacker could exploit this vulnerability...

SolarView Compact 6.00 Cross Site Scripting

Exploit Title: SolarView Compact 6.00 - 'timebegin' Cross-Site Scripting XSS Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...

SolarView Compact 6.00 - 'pow' Cross-Site Scripting (XSS)

Exploit Title: SolarView Compact 6.00 - 'pow' Cross-Site Scripting XSS Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29301 Tested on: Windows Proof Of Concept:...

SolarView Compact 6.00 - (pow) Cross-Site Scripting Vulnerability

Exploit Title: SolarView Compact 6.00 - 'pow' Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29301 Tested on: Windows Proof Of Concept:...

SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting (XSS)

Exploit Title: SolarView Compact 6.00 - 'timebegin' Cross-Site Scripting XSS Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...

SolarView Compact 6.00 - (time_begin) Cross-Site Scripting Vulnerability

Exploit Title: SolarView Compact 6.00 - 'timebegin' Cross-Site Scripting XSS Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29299 Tested on: Windows Proof Of Concept:...

SolarView Compact 6.00 Directory Traversal

Exploit Title: SolarView Compact 6.00 - Directory Traversal Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : Aiactive Author linkedin profile : https://www.linkedin.com/in/ahmedalroky/ Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE :...

SolarView Compact 6.00 - Directory Traversal

Exploit Title: SolarView Compact 6.00 - Directory Traversal Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : Aiactive Author linkedin profile : https://www.linkedin.com/in/ahmedalroky/ Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE :...