Vulnerabilities > Deltaww

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-26	CVE-2022-43774	SQL Injection vulnerability in Deltaww Diaenergie 1.9.0 The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system. network low complexity deltaww CWE-89 critical	9.8
2022-10-26	CVE-2022-43775	SQL Injection vulnerability in Deltaww Diaenergie 1.9.0 The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system. network low complexity deltaww CWE-89 critical	9.8
2022-09-16	CVE-2022-3214	Use of Hard-coded Credentials vulnerability in Deltaww Diaenergie Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. network low complexity deltaww CWE-798 critical	9.8
2022-06-27	CVE-2022-33005	Cross-site Scripting vulnerability in Deltaww Diaenergie 1.08.00 A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field. network deltaww CWE-79	4.3
2022-05-24	CVE-2021-32965	Type Confusion vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. network deltaww CWE-843	6.8
2022-05-24	CVE-2021-32969	Out-of-bounds Write vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. network deltaww CWE-787	6.8
2022-05-03	CVE-2022-1331	XXE vulnerability in Deltaww Dmars In four instances DMARS (All versions prior to v2.1.10.24) does not properly restrict references of XML external entities while processing specific project files, which may allow unauthorized information disclosure. network deltaww CWE-611	4.3
2022-05-02	CVE-2022-1367	SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. network low complexity deltaww CWE-89 critical	10.0
2022-05-02	CVE-2022-1369	SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. network low complexity deltaww CWE-89 critical	10.0
2022-05-02	CVE-2022-1370	SQL Injection vulnerability in Deltaww Diaenergie 1.7.5 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. network low complexity deltaww CWE-89 critical	10.0

Vulnerabilities > Deltaww {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Deltaww"}]}

Vulnerabilities > Deltaww