Vulnerabilities > Deltaww > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-09 | CVE-2023-5461 | Cleartext Transmission of Sensitive Information vulnerability in Deltaww Wplsoft 2.51 A vulnerability was found in Delta Electronics WPLSoft 2.51. | 5.9 |
2023-10-09 | CVE-2023-5460 | Heap-based Buffer Overflow vulnerability in Deltaww Wplsoft A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. | 5.7 |
2022-12-14 | CVE-2022-42141 | Cross-site Scripting vulnerability in Deltaww Dx-2100-L1-Cn Firmware 1.5.0.10 Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter. | 5.4 |
2022-10-27 | CVE-2022-40965 | Cross-site Scripting vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PostEnergyType API. | 5.4 |
2022-10-27 | CVE-2022-41555 | Cross-site Scripting vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutLineMessageSetting API. | 5.4 |
2022-10-27 | CVE-2022-41651 | Cross-site Scripting vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API. | 5.4 |
2022-10-27 | CVE-2022-41701 | Cross-site Scripting vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutShift API. | 5.4 |
2022-10-27 | CVE-2022-41702 | Cross-site Scripting vulnerability in Deltaww Diaenergie The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API. | 5.4 |
2022-06-27 | CVE-2022-33005 | Cross-site Scripting vulnerability in Deltaww Diaenergie 1.08.00 A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field. | 4.3 |
2022-05-24 | CVE-2021-32965 | Type Confusion vulnerability in Deltaww Diascreen Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code. | 6.8 |