SolarView
Products
1- 9 CVEs
Recent CVEs
9| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29303 | 0.23 | — | 1.00 | KEV | May 12, 2022 | SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. | ||
| CVE-2023-23333 | 0.11 | — | 0.99 | Feb 6, 2023 | There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php. | |||
| CVE-2022-29298 | 0.09 | — | 0.45 | May 12, 2022 | SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. | |||
| CVE-2023-29919 | 0.07 | — | 0.60 | May 23, 2023 | SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted. | |||
| CVE-2023-40924 | 0.05 | — | 0.03 | Sep 8, 2023 | SolarView Compact < 6.00 is vulnerable to Directory Traversal. | |||
| CVE-2022-44354 | 0.00 | — | 0.02 | Nov 29, 2022 | SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file. | |||
| CVE-2022-31373 | 0.00 | — | 0.05 | Jun 21, 2022 | SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php. | |||
| CVE-2022-31374 | 0.00 | — | 0.03 | Jun 21, 2022 | An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. | |||
| CVE-2022-29302 | 0.00 | — | 0.00 | May 12, 2022 | SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. |
- risk 0.23cvss —epss 1.00
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php.
- CVE-2023-23333Feb 6, 2023risk 0.11cvss —epss 0.99
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
- CVE-2022-29298May 12, 2022risk 0.09cvss —epss 0.45
SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal.
- CVE-2023-29919May 23, 2023risk 0.07cvss —epss 0.60
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
- CVE-2023-40924Sep 8, 2023risk 0.05cvss —epss 0.03
SolarView Compact < 6.00 is vulnerable to Directory Traversal.
- CVE-2022-44354Nov 29, 2022risk 0.00cvss —epss 0.02
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
- CVE-2022-31373Jun 21, 2022risk 0.00cvss —epss 0.05
SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php.
- CVE-2022-31374Jun 21, 2022risk 0.00cvss —epss 0.03
An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file.
- CVE-2022-29302May 12, 2022risk 0.00cvss —epss 0.00
SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php.