漏洞描述
SolarViewCompact是日本Kangtaike公司的一个应用系统。提供光伏发电测量系统。Solar_Image.php存在任意文件上传漏洞,攻击者可通过该漏洞获取服务器权限。
SolarView Compact 7.0 Solar_Image.php任意文件上传漏洞(bypass)
PoC代码
暂无相关漏洞推荐
- POC nginx-status-403-bypass: Nginx Status Page - 403 Bypass
- nacos-sync-login-bypass: Nacos-Sync 未授权进后台
- POC CVE-2021-21745: ZTE MF971R - Referer authentication bypass
- POC CVE-2022-29298: SolarView Compact 6.00 - Local File Inclusion
- POC CVE-2022-29299: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
- POC CVE-2022-29301: SolarView Compact 6.00 - 'pow' Cross-Site Scripting
- POC CVE-2022-29303: SolarView Compact 6.00 - OS Command Injection
- POC CVE-2022-31373: SolarView Compact 6.00 - Cross-Site Scripting
- POC CVE-2022-40881: SolarView 6.00 - Remote Command Execution
- POC CVE-2023-23333: SolarView Compact 6.00 - OS Command Injection
- POC CVE-2023-29919: SolarView Compact <= 6.00 - Local File Inclusion
- POC CVE-2021-31602: Pentahoa uthentication bypass
- POC CVE-2021-37580: Apache ShenYu Admin JWT authentication bypass