contec

Top products

The 15 most recently published vulnerabilities affecting contec.

• CVE-2025-34081CONPROSYS HMI System (CHS) < 3.7.7 Exposed PHP Debug Info7.5Jul 1, 2025
• CVE-2025-34080CONPROSYS HMI System (CHS) < 3.7.7 Reflected Cross-Site Scripting6.1Jul 1, 2025
• CVE-2023-46509An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.9.8Oct 27, 2023
• CVE-2023-40924SolarView Compact < 6.00 is vulnerable to Directory Traversal.7.5Sep 8, 2023
• CVE-2023-28713Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can acces...8.1Jun 1, 2023
• CVE-2023-28657Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As...8.8Jun 1, 2023
• CVE-2023-28651Cross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the affected product with an administrative privilege configures specially ...4.8Jun 1, 2023
• CVE-2023-29154SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQ...7.2Jun 1, 2023
• CVE-2023-28824Server-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may bypass the da...4.9Jun 1, 2023
• CVE-2023-28399Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the ...7.8Jun 1, 2023
• CVE-2023-2758Contec CONPROSYS HMI System (CHS) v3.5.2 Denial of Service3.7May 31, 2023
• CVE-2023-29919SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.9.1May 23, 2023
• CVE-2023-27920Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote ...4.3May 23, 2023
• CVE-2023-27521OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated att...8.8May 23, 2023
• CVE-2023-27518Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated a...8.8May 23, 2023