280 matches found
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
Command injection
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
Contec SolarView Compact 命令注入漏洞
Contec SolarView Compact is an application system from Contec Japan. It provides photovoltaic power generation measurement system. A security vulnerability exists in Contec SolarView Compact version 6.00 and earlier versions. An attacker can exploit the vulnerability to execute commands via...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
PT-2023-1590 · Unknown · Solarview Compact
Name of the Vulnerable Software and Affected Versions: SolarView Compact versions 6.00 and earlier Description: The issue is related to a command injection vulnerability, which allows attackers to execute commands by bypassing internal restrictions through the downloader.php endpoint. This is due...
CVE-2023-23333
SolarView Compact 6.00 is affected by an OS command injection via downloader.php, allowing remote code execution. The vulnerability arises from an insecure file parameter in downloader.php that can bypass internal restrictions. Public exploit templates (including Metasploit module) describe obtai...
Contec SolarView Compact vulnerable to cross-site scripting
Overview SolarView Compact provided by Contec Co., Ltd. is PV Measurement System. SolarView Compact contains a cross-site scripting vulnerability CWE-79, CVE-2022-44355 in Check Network Communication Page of the product's web server. As of 2022 December 5, a Proof-of-Concept PoC code exploiting...
Contec SolarView Compact File Upload Vulnerability
Contec SolarView Compact is an application system from Contec Japan. It provides photovoltaic power generation measurement system. A file upload vulnerability exists in Contec SolarView Compact versions 4.0 and 5.0. The vulnerability stems from the application's lack of effective validation of...
CVE-2022-44355
SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...
CVE-2022-44354
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...
CVE-2022-44355
SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...
CVE-2022-44354
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...
Cross site scripting
SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...
Unrestricted file upload
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...
CVE-2022-44355
SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...
PT-2022-27190 · Unknown · Solarview Compact
Name of the Vulnerable Software and Affected Versions: SolarView Compact versions 4.0 through 5.0 Description: The issue allows for Unrestricted File Upload via a crafted php file. Recommendations: For SolarView Compact versions 4.0 through 5.0, consider restricting the upload of php files to...
CVE-2022-44355
SolarView Compact 7.0 is affected by a Cross-site Scripting (XSS) vulnerability in the web server page /network_test.php. The issue (CVE-2022-44355) affects the Check Network Communication page and can lead to arbitrary script execution in a logged-in user’s browser. Root cause: XSS in the web in...
CVE-2022-44354
CVE-2022-44354 affects SolarView Compact 4.0–5.0. The connected documents describe an Unrestricted File Upload vulnerability caused by insufficient validation of uploaded files in these versions, allowing a crafted PHP file to be uploaded. The consequence is high impact (confidentiality, integrit...
CVE-2022-44354
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...