Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deltaww diaenergie vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-23228
DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”.
Deltaww Diaenergie
4.3
CVSSv2
CVE-2021-32991
Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to cross-site request forgery, which may allow an malicious user to cause a user to carry out an action unintentionally.
Deltaww Diaenergie
2.1
CVSSv2
CVE-2021-33003
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an malicious user to retrieve passwords in cleartext due to a weak hashing algorithm.
Deltaww Diaenergie
NA
CVE-2024-28029
Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality.
Deltaww Diaenergie
NA
CVE-2023-0822
The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality.
Deltaww Diaenergie
NA
CVE-2022-43447
SQL Injection in AM_EBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an malicious user to inject SQL queries via Network
Deltaww Diaenergie
NA
CVE-2022-41775
SQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an malicious user to inject SQL queries via Network
Deltaww Diaenergie
NA
CVE-2022-43506
SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an malicious user to inject SQL queries via Network
Deltaww Diaenergie
NA
CVE-2022-43452
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an malicious user to inject SQL queries via Network
Deltaww Diaenergie
NA
CVE-2022-43457
SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an malicious user to inject SQL queries via Network
Deltaww Diaenergie
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »