The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an malicious user to gain code execution on a remote system.
deltaww diaenergie 1.9.0