Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solar vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-34544
An issue exists in Solar-Log 500 prior to 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device.
Bkw Solar-log 500 Firmware
Bkw Solar-log 500 Firmware 2.8.2
445
VMScore
CVE-2021-34543
The web administration server in Solar-Log 500 prior to 2.8.2 Build 52 does not require authentication, which allows remote malicious users to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the syste...
Bkw Solar-log 500 Firmware
Bkw Solar-log 500 Firmware 2.8.2
570
VMScore
CVE-2022-31537
The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Solar-system-simulator Project Solar-system-simulator
383
VMScore
CVE-2015-6475
Multiple cross-site scripting (XSS) vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibc Solar Danfoss Tlx Pro\\+ -
Ibc Solar Servemaster Tlp\\+ -
445
VMScore
CVE-2015-6469
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote malicious users to discover script source code via unspecified vectors.
Ibc Solar Servemaster Tlp\\+ -
Ibc Solar Danfoss Tlx Pro\\+ -
445
VMScore
CVE-2015-6474
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote malicious users to discover cleartext passwords by reading HTML source code.
Ibc Solar Danfoss Tlx Pro\\+ -
Ibc Solar Servemaster Tlp\\+ -
NA
CVE-2024-1016
A vulnerability was found in Solar FTP Server 2.1.1/2.1.2. It has been declared as problematic. This vulnerability affects unknown code of the component PASV Command Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been d...
Flexbyte Solar Ftp Server 2.1.2
Flexbyte Solar Ftp Server 2.1.1
NA
CVE-2022-1277
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log
668
VMScore
CVE-2019-11367
An issue exists in AUO Solar Data Recorder prior to 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully.
Auo Solar Data Recorder
312
VMScore
CVE-2019-11368
Stored XSS exists in AUO Solar Data Recorder prior to 1.3.0 via the protect/config.htm addr parameter.
Auo Solar Data Recorder
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »