2 matches found
CVE-2022-41133
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a SQL injection that exists in GetDIAElinemessagesettingsListParameters. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries...
CVE-2022-41133
DIAEnergie (Delta Electronics) is affected by CVE-2022-41133: a SQL injection in GetDIAE_line_message_settingsListParameters affects versions prior to v1.9.01.002 (and related 1.9.x branches per advisories). The vulnerability allows a low-privileged authenticated attacker to inject arbitrary SQL ...