Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww diaenergie vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-26666
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2022-26667
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2022-25980
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerCommon.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2022-26013
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in DIAE_dmdsetHandler.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2022-26065
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in GetLatestDemandNode. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2022-26069
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerPage_KID.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
8.8
CVSSv3
CVE-2023-0822
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality.
Deltaww Diaenergie
5.5
CVSSv3
CVE-2021-33003
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an malicious user to retrieve passwords in cleartext due to a weak hashing algorithm.
Deltaww Diaenergie
9.8
CVSSv3
CVE-2021-32955
Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may allow an malicious user to remotely execute code.
Deltaww Diaenergie
6.1
CVSSv3
CVE-2021-31558
DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “descr” of the script “DIAE_hierarchyHandler.ashx”.
Deltaww Diaenergie
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »