SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php
9.8CVSS
9.8AI Score
0.961EPSS
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
9.8CVSS
9.1AI Score
0.003EPSS
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.
6.1CVSS
6AI Score
0.001EPSS
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
9.8CVSS
9.7AI Score
0.96EPSS
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
9.1CVSS
9AI Score
0.35EPSS
7.5CVSS
7.4AI Score
0.001EPSS
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
9.8CVSS
9.6AI Score
0.001EPSS