Vulnerabilities > Deltaww > Diaenergie
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-01 | CVE-2022-1098 | Uncontrolled Search Path Element vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. | 4.4 |
| 2022-03-29 | CVE-2022-0923 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerDialog_KID.ashx. | 7.5 |
| 2022-03-29 | CVE-2022-25347 | Path Traversal vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system. | 5.0 |
| 2022-03-29 | CVE-2022-25880 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerTag_KID.ashx. | 10.0 |
| 2022-03-29 | CVE-2022-25980 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerCommon.ashx. | 10.0 |
| 2022-03-29 | CVE-2022-26013 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_dmdsetHandler.ashx. | 10.0 |
| 2022-03-29 | CVE-2022-26059 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in GetQueryData. | 10.0 |
| 2022-03-29 | CVE-2022-26065 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in GetLatestDemandNode. | 10.0 |
| 2022-03-29 | CVE-2022-26069 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerPage_KID.ashx. | 10.0 |
| 2022-03-29 | CVE-2022-26338 | SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerPageP_KID.ashx. | 10.0 |