BUG_Author: YE Affected version: Contec SolarView Compact <6.00 Vendor: https://www.contecinc.com/
Vulnerability File:
downloader.php
Description:
Attacker exploit the vulnerability through downloader.php? The file parameter reads sensitive files through the directory pass.
downloader.php?file Existential directory traversal
It can read the sensitive file /etc/password
The password hash of the root administrator can be used to crack it
