SolarView Compact < 6.00 - Directory Traversal

SolarView Compact before version 6.00 is vulnerable to directory traversal via the file parameter in downloader.php. An unauthenticated attacker can read arbitrary files from the system by using path traversal sequences with a null byte bypass to access sensitive files such as /etc/passwd. id:...

SolarView Compact 6.00 - OS Command Injection

SolarView Compact 6.00 was discovered to contain a command injection vulnerability, attackers can execute commands by bypassing internal restrictions through downloader.php. id: CVE-2023-23333 info: name: SolarView Compact 6.00 - OS Command Injection author: Mr-xn severity: critical description: ...

CVE-2023-29919

SolarView Compact = 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted...

CVE-2023-40924

SolarView Compact 6.00 is vulnerable to Directory Traversal...

CVE-2022-35239

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...

EUVD-2023-45463

Malicious code in bioql PyPI...

EUVD-2021-8074

Malicious code in bioql PyPI...

EUVD-2021-8075

Malicious code in bioql PyPI...

EUVD-2021-8076

Malicious code in bioql PyPI...

EUVD-2021-8078

Malicious code in bioql PyPI...

EUVD-2021-8079

Malicious code in bioql PyPI...

EUVD-2021-8080

Malicious code in bioql PyPI...

EUVD-2022-38131

Malicious code in bioql PyPI...

EUVD-2022-52899

Malicious code in bioql PyPI...

EUVD-2022-33645

Malicious code in bioql PyPI...

EUVD-2023-31280

Malicious code in bioql PyPI...

EUVD-2023-31283

Malicious code in bioql PyPI...

EUVD-2023-31276

Malicious code in bioql PyPI...

CVE-2023-27521

OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command...

CVE-2023-27512

Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions prior to Ver.8.10, which may allow a remote authenticated attacker to login the affected product with an administrative privilege and perform an unintended operation...