Vulnerabilities > Deltaww > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-09 CVE-2023-5461 Cleartext Transmission of Sensitive Information vulnerability in Deltaww Wplsoft 2.51
A vulnerability was found in Delta Electronics WPLSoft 2.51.
network
high complexity
deltaww CWE-319
5.9
2023-10-09 CVE-2023-5460 Heap-based Buffer Overflow vulnerability in Deltaww Wplsoft
A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic.
low complexity
deltaww CWE-122
5.7
2022-12-14 CVE-2022-42141 Cross-site Scripting vulnerability in Deltaww Dx-2100-L1-Cn Firmware 1.5.0.10
Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter.
network
low complexity
deltaww CWE-79
5.4
2022-10-27 CVE-2022-40965 Cross-site Scripting vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PostEnergyType API.
network
low complexity
deltaww CWE-79
5.4
2022-10-27 CVE-2022-41555 Cross-site Scripting vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutLineMessageSetting API.
network
low complexity
deltaww CWE-79
5.4
2022-10-27 CVE-2022-41651 Cross-site Scripting vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API.
network
low complexity
deltaww CWE-79
5.4
2022-10-27 CVE-2022-41701 Cross-site Scripting vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutShift API.
network
low complexity
deltaww CWE-79
5.4
2022-10-27 CVE-2022-41702 Cross-site Scripting vulnerability in Deltaww Diaenergie
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API.
network
low complexity
deltaww CWE-79
5.4
2022-06-27 CVE-2022-33005 Cross-site Scripting vulnerability in Deltaww Diaenergie 1.08.00
A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows attackers to execute arbitrary web scripts via a crafted payload injected into the Name text field.
network
deltaww CWE-79
4.3
2022-05-24 CVE-2021-32965 Type Confusion vulnerability in Deltaww Diascreen
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to type confusion, which may allow an attacker to remotely execute arbitrary code.
network
deltaww CWE-843
6.8