Lucene search
K

3858 matches found

Prion
Prion
added 2022/03/29 5:15 p.m.17 views

Path traversal

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system...

5CVSS8AI score0.11124EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/03/29 4:37 p.m.6 views

CVE-2022-27175 Delta Electronics DIAEnergie SQL Injection in GetCalcTagList

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetCalcTagList. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.9AI score0.01172EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.23 views

CVE-2022-27175 Delta Electronics DIAEnergie SQL Injection in GetCalcTagList

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetCalcTagList. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.9AI score0.01172EPSS
Exploits0References1
CVE
CVE
added 2022/03/29 4:37 p.m.103 views

CVE-2022-27175

Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) contains a blind SQL injection in GetCalcTagList. The vulnerability allows an attacker to inject arbitrary SQL, retrieve/modify database contents, and execute system commands. Affected product: DIAEnergie; root cause: inadequate inpu...

10CVSS9.8AI score0.01172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.10 views

CVE-2022-26839 Delta Electronics DIAEnergie Incorrect Default Permissions

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files such as DLLs or replace existing executable files...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References1
CVE
CVE
added 2022/03/29 4:37 p.m.112 views

CVE-2022-26839

CVE-2022-26839 affects Delta Electronics DIAEnergie (all versions before 1.8.02.004). The flaw is an incorrect default permission in the DIAEnergie application that may allow an attacker to plant new files (e.g., DLLs) or replace existing executables. ICS advisory Update C notes fixes in version ...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/29 4:37 p.m.81 views

CVE-2022-26667

Delta Electronics DIAEnergie is affected by a blind SQL injection vulnerability (CVE-2022-26667) in GetDemandAnalysisData for all versions before 1.9. The issue allows an attacker to inject arbitrary SQL, read/modify database contents, and execute system commands. No exploitation details are prov...

10CVSS9.8AI score0.01172EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/03/29 4:37 p.m.7 views

CVE-2022-26667 Delta Electronics DIAEnergie SQL Injection in GetDemandAnalysisData

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.9AI score0.01172EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.15 views

CVE-2022-26667 Delta Electronics DIAEnergie SQL Injection in GetDemandAnalysisData

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in GetDemandAnalysisData. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.9AI score0.01172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/03/29 4:37 p.m.6 views

CVE-2022-26514 Delta Electronics DIAEnergie SQL Injection in DIAE_tagHandler.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in DIAEtagHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.9AI score0.01172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/03/29 4:37 p.m.8 views

CVE-2022-26338 Delta Electronics DIAEnergie SQL Injection in DIAE_hierarchyHandler.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerPagePKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.9AI score0.01172EPSS
Exploits0References1
CVE
CVE
added 2022/03/29 4:37 p.m.90 views

CVE-2022-26514

CVE-2022-26514 affects Delta Electronics DIAEnergie (all versions prior to 1.9.0.0). The issue is a blind SQL injection in the DIAE_tagHandler.ashx component, enabling an attacker to inject arbitrary SQL, retrieve/modify database contents, and potentially execute system commands. The vulnerabilit...

10CVSS9.8AI score0.01172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.22 views

CVE-2022-26338 Delta Electronics DIAEnergie SQL Injection in DIAE_hierarchyHandler.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerPagePKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.9AI score0.01172EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.16 views

CVE-2022-26514 Delta Electronics DIAEnergie SQL Injection in DIAE_tagHandler.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability that exists in DIAEtagHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.9AI score0.01172EPSS
Exploits0References1
CVE
CVE
added 2022/03/29 4:37 p.m.143 views

CVE-2022-26338

CVE-2022-26338 affects Delta Electronics DIAEnergie. A blind SQL injection in DIAE_hierarchyHandler.ashx/HandlerPageP_KID.ashx (prior to 1.8.02.004) can enable arbitrary SQL execution, data retrieval/modification, and command execution. Mitigation: upgrade to 1.9 or later; apply network isolation...

10CVSS9.8AI score0.01172EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/29 4:37 p.m.86 views

CVE-2022-26666

Delta Electronics DIAEnergie (all versions before 1.9) contains a blind SQL injection in HandlerECC.ashx that lets an attacker inject arbitrary SQL, retrieve/modify data, and potentially execute system commands. The CVSS v3.1 base score is 9.8 (CRITICAL), with network access, no authentication, a...

10CVSS9.8AI score0.01172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.17 views

CVE-2022-26666 Delta Electronics DIAEnergie SQL Injection in HandlerDialogECC.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.9AI score0.01172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/03/29 4:37 p.m.7 views

CVE-2022-26666 Delta Electronics DIAEnergie SQL Injection in HandlerDialogECC.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerECC.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.8AI score0.01172EPSS
Exploits0References1
CVE
CVE
added 2022/03/29 4:37 p.m.81 views

CVE-2022-26887

CVE-2022-26887 affects Delta Electronics DIAEnergie (all versions prior to 1.8.02.004, fixed in 1.9+ per ICS Update C). The vulnerability is a blind SQL injection in DIAE_loopmapHandler.ashx (and related handlers per multiple sources) caused by insufficient validation of external input, enabling ...

10CVSS9.8AI score0.09505EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/29 4:37 p.m.15 views

CVE-2022-26887 Delta Electronics DIAEnergie SQL Injection in DIAE_HandlerTag_KID.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEloopmapHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS9.9AI score0.09505EPSS
Exploits0References1
Rows per page
Query Builder