3 matches found
DIAEnergie SQL Blind Bet Vulnerability
A SQL blind injection vulnerability exists in the /DataHandler/HandlerCFG.ashx endpoint in DIAEnergie 1.7.5 and earlier versions. The vulnerability stems from the application not properly validating the value provided by the user via the parameter keyword before using the value as part of a SQL...
DIAEnergie SQL Blind Injection Vulnerability (CNVD-2021-93913)
A SQL blind injection vulnerability exists in the /DataHandler/HandlerAlarmGroup.ashx endpoint in DIAEnergie 1.7.5 and earlier versions. The vulnerability stems from the application not properly validating the value provided by the user via the parameter agid before using the value as part of a S...
DIAEnergie SQL Blind Injection Vulnerability (CNVD-2021-93914)
A SQL blind injection vulnerability exists in the /DataHandler/AM/AMHandler.ashx endpoint in DIAEnergie 1.7.5 and earlier versions. The vulnerability stems from the application not properly validating the value provided by the user via parameter type before using the value as part of an SQL query...