61 matches found
EUVD-2022-46504
Malicious code in bioql PyPI...
EUVD-2024-34602
Malicious code in bioql PyPI...
EUVD-2022-44945
Malicious code in bioql PyPI...
Delta Electronics DIAEnergie Cross-Site Scripting Vulnerability (CNVD-2025-22955)
Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics China for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizin...
CVE-2024-43699
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AMRegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the targeted product...
Delta Electronics DIAEnergie
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : SQL Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve records or...
CVE-2024-4548
An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateHDMWYC' message, which is split into 4 fields using the '' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth field...
CVE-2024-34032
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the GetDIACloudList endpoint. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...
CVE-2024-34031
Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script HandlerCFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed...
Delta Electronics DIAEnergie
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : SQL Injection, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an authenticated...
CVE-2024-23975 Delta Electronics DIAEnergie SQL injection
SQL injection vulnerability exists in GetDIAEslogListParameters...
CVE-2024-25937 Delta Electronics DIAEnergie SQL injection
SQL injection vulnerability exists in the script DIAEtagHandler.ashx...
CVE-2024-28891 Delta Electronics DIAEnergie SQL injection
SQL injection vulnerability exists in the script HandlerCFG.ashx...
Delta Electronics DIAEnergie HandlerUploadCarbon Use Of Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Electronics DIAEnergie. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests to the HandlerUploadCarbon endpoint. The issue...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta...
CVE-2022-43452
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network...
CVE-2022-43506
SQL Injection in HandlerTagKID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network...
CVE-2022-43457
SQL Injection in HandlerPageKID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network...
CVE-2022-43447
SQL Injection in AMEBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network...
CVE-2022-41775
SQL Injection in HandlerCFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network...