Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diaenergie vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-33005
A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows malicious users to execute arbitrary web scripts via a crafted payload injected into the Name text field.
Deltaww Diaenergie 1.08.00
NA
CVE-2024-28040
SQL injection vulnerability exists in GetDIAE_astListParameters.
NA
CVE-2024-23975
SQL injection vulnerability exists in GetDIAE_slogListParameters.
NA
CVE-2024-25574
SQL injection vulnerability exists in GetDIAE_usListParameters.
NA
CVE-2024-23494
SQL injection vulnerability exists in GetDIAE_unListParameters.
NA
CVE-2024-25937
SQL injection vulnerability exists in the script DIAE_tagHandler.ashx.
NA
CVE-2024-28891
SQL injection vulnerability exists in the script Handler_CFG.ashx.
NA
CVE-2024-28045
Improper neutralization of input within the affected product could lead to cross-site scripting.
NA
CVE-2024-28171
It is possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten.
NA
CVE-2024-25567
Path traversal attack is possible and write outside of the intended directory and may access sensitive information. If a file name is specified that already exists on the file system, then the original file will be overwritten.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »