Filtered by vendor Deltaww
Subscriptions
Filtered by product Diaenergie
Subscriptions
Total
61 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-43775 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system. | ||||
CVE-2022-43774 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system. | ||||
CVE-2022-43506 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 8.8 High |
SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | ||||
CVE-2022-43447 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 8.8 High |
SQL Injection in AM_EBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | ||||
CVE-2022-43457 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 8.8 High |
SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | ||||
CVE-2022-43452 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 8.8 High |
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | ||||
CVE-2022-41775 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 8.8 High |
SQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | ||||
CVE-2022-33005 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field. | ||||
CVE-2022-3214 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing remote code execution. | ||||
CVE-2022-1377 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_rltHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1374 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_unHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1375 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1376 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1370 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1366 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1369 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1372 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1378 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_pgHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1371 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. | ||||
CVE-2022-1367 | 1 Deltaww | 1 Diaenergie | 2024-08-03 | 9.8 Critical |
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands. |