Vulnerabilities > Deltaww

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2022-1376 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_privgrpHandler.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1377 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_rltHandler.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1378 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_pgHandler.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-05-02 CVE-2022-1366 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerChart.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-04-29 CVE-2022-1402 Out-of-bounds Read vulnerability in Deltaww Asda Soft 5.4.1.0
ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
local
low complexity
deltaww CWE-125
7.1
7.1
2022-04-29 CVE-2022-1403 Out-of-bounds Write vulnerability in Deltaww Asda Soft 5.4.1.0
ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition.
local
low complexity
deltaww CWE-787
7.8
7.8
2022-04-01 CVE-2022-1098 Uncontrolled Search Path Element vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition.
local
low complexity
deltaww CWE-427
7.8
7.8
2022-03-29 CVE-2022-0923 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerDialog_KID.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8
2022-03-29 CVE-2022-25347 Path Traversal vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system.
network
low complexity
deltaww CWE-22
7.5
7.5
2022-03-29 CVE-2022-25880 SQL Injection vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerTag_KID.ashx.
network
low complexity
deltaww CWE-89
critical
 9.8
9.8