Vulnerabilities > Deltaww > Diaenergie

DATE CVE VULNERABILITY TITLE RISK
2022-10-27 CVE-2022-41773 SQL Injection vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a SQL injection that exists in CheckDIACloud.
network
low complexity
deltaww CWE-89
8.8
8.8
2022-10-26 CVE-2022-43774 SQL Injection vulnerability in Deltaww Diaenergie 1.9.0
The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-10-26 CVE-2022-43775 SQL Injection vulnerability in Deltaww Diaenergie 1.9.0
The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-09-16 CVE-2022-3214 Unspecified vulnerability in Deltaww Diaenergie
Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials.
network
low complexity
deltaww
critical
 9.8
9.8
2022-06-27 CVE-2022-33005 Cross-site Scripting vulnerability in Deltaww Diaenergie 1.08.00
A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field.
network
low complexity
deltaww CWE-79
6.1
6.1
2022-05-02 CVE-2022-1367 Unspecified vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx.
network
low complexity
deltaww
critical
 9.8
9.8
2022-05-02 CVE-2022-1369 Unspecified vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND.
network
low complexity
deltaww
critical
 9.8
9.8
2022-05-02 CVE-2022-1370 Unspecified vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID.
network
low complexity
deltaww
critical
 9.8
9.8
2022-05-02 CVE-2022-1371 Unspecified vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf.
network
low complexity
deltaww
critical
 9.8
9.8
2022-05-02 CVE-2022-1372 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8