Deltaww - Diaenergie CVE

Filtered by vendor Deltaww Subscriptions

Filtered by product Diaenergie Subscriptions

Total 61 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-43775	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
CVE-2022-43774	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
CVE-2022-43506	1 Deltaww	1 Diaenergie	2024-08-03	8.8 High
SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVE-2022-43447	1 Deltaww	1 Diaenergie	2024-08-03	8.8 High
SQL Injection in AM_EBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVE-2022-43457	1 Deltaww	1 Diaenergie	2024-08-03	8.8 High
SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVE-2022-43452	1 Deltaww	1 Diaenergie	2024-08-03	8.8 High
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVE-2022-41775	1 Deltaww	1 Diaenergie	2024-08-03	8.8 High
SQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network
CVE-2022-33005	1 Deltaww	1 Diaenergie	2024-08-03	6.1 Medium
A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field.
CVE-2022-3214	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution.
CVE-2022-1377	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_rltHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1374	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_unHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1375	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1376	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1370	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1366	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1369	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1372	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1378	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_pgHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1371	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
CVE-2022-1367	1 Deltaww	1 Diaenergie	2024-08-03	9.8 Critical
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.

« first previous Page 3 of 4. next last »