| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
|
SQL injection vulnerability exists in GetDIAE_unListParameters.
|
|
SQL injection vulnerability exists in the script Handler_CFG.ashx.
|
|
SQL injection vulnerability exists in GetDIAE_slogListParameters.
|
|
Path traversal attack is possible and write outside of the intended directory and may access sensitive information. If a file name is specified that already exists on the file system, then the original file will be overwritten.
|
|
SQL injection vulnerability exists in GetDIAE_astListParameters.
|
|
Improper neutralization of input within the affected product could lead to cross-site scripting.
|
|
It is possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten.
|
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process. |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability |
| ASDA-Soft Stack-based Buffer Overflow Vulnerability |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. |
| Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. |
| Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. |
