contec co., ltd.

Top products

The 15 most recently published vulnerabilities affecting contec co., ltd..

• CVE-2023-46509An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.9.8Oct 27, 2023
• CVE-2023-28713Plaintext storage of a password exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. Because account information of the database is saved in a local file in plaintext, a user who can acces...8.1Jun 1, 2023
• CVE-2023-28657Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As...8.8Jun 1, 2023
• CVE-2023-28651Cross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the affected product with an administrative privilege configures specially ...4.8Jun 1, 2023
• CVE-2023-29154SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQ...7.2Jun 1, 2023
• CVE-2023-28824Server-side request forgery vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may bypass the da...4.9Jun 1, 2023
• CVE-2023-28399Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the ...7.8Jun 1, 2023
• CVE-2023-27920Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote ...4.3May 23, 2023
• CVE-2023-27521OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated att...8.8May 23, 2023
• CVE-2023-27518Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated a...8.8May 23, 2023
• CVE-2023-27514OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attac...8.8May 23, 2023
• CVE-2023-27512Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions prior to Ver.8.10, which may allow a remote authenticated attacker to l...7.2May 23, 2023
• CVE-2023-1658Уязвимость HMI/SCADA CONPROSYS HMI, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации7.5Apr 4, 2023
• CVE-2023-23333There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.9.8Feb 6, 2023
• CVE-2023-22324SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command. As a result, information stored in th...6.5Jan 30, 2023