3851 matches found
CVE-2022-41651 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the SetPF API...
CVE-2022-41702 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API...
CVE-2022-41702 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API...
CVE-2022-41651 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the SetPF API...
CVE-2022-40967 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a SQL injection that exists in CheckIoTHubNameExisted. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries...
CVE-2022-41701 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the PutShift API...
CVE-2022-41773 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries...
CVE-2022-41701 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the PutShift API...
CVE-2022-41133 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a SQL injection that exists in GetDIAElinemessagesettingsListParameters. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries...
CVE-2022-41133 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a SQL injection that exists in GetDIAElinemessagesettingsListParameters. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries...
CVE-2022-41773 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a SQL injection that exists in CheckDIACloud. A low-privileged authenticated attacker could exploit this issue to inject arbitrary SQL queries...
CVE-2022-40965 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the PostEnergyType API...
CVE-2022-40965 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the PostEnergyType API...
CVE-2022-41555 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the PutLineMessageSetting API...
CVE-2022-41555 Delta Electronics DIAEnergie
The affected product DIAEnergie versions prior to v1.9.01.002 is vulnerable to a stored cross-site scripting vulnerability through the PutLineMessageSetting API...
PT-2022-26009 · Delta Electronics · Infrasuite Device Master
Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master version 00.00.01a and prior Description: The issue allows an attacker to use provided data already serialized into memory for file operations through application programmable interfaces APIs. This...
PT-2022-26001 · Delta Electronics · Infrasuite Device Master
Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue lacks authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their...
Delta Electronics DIAEnergie SQL注入漏洞
Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. A securi...
PT-2022-26026 · Delta Electronics · Infrasuite Device Master
Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions 00.00.01a and prior Description: The issue concerns a lack of proper authentication for functions that create and modify user groups. An attacker could exploit this by providing malicious...
CVE-2022-43775
The HICTLoop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system...