283 matches found
CVE-2022-44355
SolarView Compact 7.0 is affected by a Cross-site Scripting (XSS) vulnerability in the web server page /network_test.php. The issue (CVE-2022-44355) affects the Check Network Communication page and can lead to arbitrary script execution in a logged-in user’s browser. Root cause: XSS in the web in...
CVE-2022-44354
CVE-2022-44354 affects SolarView Compact 4.0–5.0. The connected documents describe an Unrestricted File Upload vulnerability caused by insufficient validation of uploaded files in these versions, allowing a crafted PHP file to be uploaded. The consequence is high impact (confidentiality, integrit...
PT-2022-27191 · Unknown · Solarview Compact
Name of the Vulnerable Software and Affected Versions: SolarView Compact version 7.0 Description: The issue is related to Cross-site Scripting XSS via the "/network test.php" API endpoint. This allows for potential malicious script injection and execution. No information is provided about the...
CVE-2022-44354
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...
CVE-2022-44354
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file...
Contec SolarView Compact 代码问题漏洞
Contec SolarView Compact is an application system from Contec Japan. It provides photovoltaic power generation measurement system. A file upload vulnerability exists in Contec SolarView Compact versions 4.0 and 5.0. The vulnerability stems from the application's lack of effective validation of...
Contec SolarView Compact 跨站脚本漏洞
Contec SolarView Compact is an application system from Contec Japan. It provides a photovoltaic power generation measurement system. A security vulnerability exists in Contec SolarView Compact version 7.0, which originated from a discovery via /networktest.php that contains a cross-site scripting...
CVE-2022-44355
SolarView Compact 7.0 is vulnerable to Cross-site Scripting XSS via /networktest.php...
CVE-2022-40881
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
CVE-2022-40881
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
Command injection
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
Contec SolarView Compact 命令注入漏洞
Contec SolarView Compact is an application system from Contec Japan. It provides a photovoltaic power measurement system. A security vulnerability exists in Contec SolarView Compact version 6.00, which can be exploited by an attacker to inject via the command networktest.php...
CVE-2022-40881
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
CVE-2022-40881
CVE-2022-40881 affects SolarView Compact 6.00 (CONTEC) with a remote command-injection via the web server page network_test.php. Multiple connected sources confirm an OS command injection vulnerability on the product’s web interface (CWE-78) that allows an attacker to execute arbitrary commands o...
CVE-2022-40881
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
CVE-2022-35239
The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...
CVE-2022-35239
The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...
CVE-2022-35239
The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...
Design/Logic Flaw
The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...
CVE-2022-35239
CVE-2022-35239 affects SolarView Compact SV-CPT-MC310 and SV-CPT-MC310F (versions