8 matches found
CVE-2022-1371
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-1367
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerTCV.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-1369
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in ReadRegIND. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-26666
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-27175
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetCalcTagList. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-26667
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-26069
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in HandlerPageKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2021-38391
A Blind SQL injection vulnerability exists in the /DataHandler/AM/AMHandler.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter type before using it as part of an SQL query. A...