Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diaenergie vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-33005
A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Electronics DIAEnergie v1.08.00 allows malicious users to execute arbitrary web scripts via a crafted payload injected into the Name text field.
Deltaww Diaenergie 1.08.00
NA
CVE-2024-23494
SQL injection vulnerability exists in GetDIAE_unListParameters.
NA
CVE-2024-25574
SQL injection vulnerability exists in GetDIAE_usListParameters.
NA
CVE-2024-28891
SQL injection vulnerability exists in the script Handler_CFG.ashx.
NA
CVE-2024-28040
SQL injection vulnerability exists in GetDIAE_astListParameters.
NA
CVE-2024-23975
SQL injection vulnerability exists in GetDIAE_slogListParameters.
NA
CVE-2024-25937
SQL injection vulnerability exists in the script DIAE_tagHandler.ashx.
NA
CVE-2024-28045
Improper neutralization of input within the affected product could lead to cross-site scripting.
NA
CVE-2024-28171
It is possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten.
NA
CVE-2024-34031
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »