CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43452 – Delta Electronics DIAEnergie SQL Injection
https://notcve.org/view.php?id=CVE-2022-43452
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network La inyección SQL en FtyInfoSetting.aspx en las versiones de Delta Electronics DIAEnergie anteriores a v1.9.02.001 permite a un atacante inyectar consultas SQL a través de la red • https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43457 – Delta Electronics DIAEnergie SQL Injection
https://notcve.org/view.php?id=CVE-2022-43457
SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network La inyección SQL en HandlerPage_KID.ashx en versiones de Delta Electronics DIAEnergie anteriores a la v1.9.02.001 permite a un atacante inyectar consultas SQL a través de la red • https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43447 – Delta Electronics DIAEnergie SQL Injection
https://notcve.org/view.php?id=CVE-2022-43447
SQL Injection in AM_EBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network La inyección SQL en AM_EBillAnalysis.aspx en versiones de Delta Electronics DIAEnergie anteriores a v1.9.02.001 permite a un atacante inyectar consultas SQL a través de la red • https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41702 – Delta Electronics DIAEnergie
https://notcve.org/view.php?id=CVE-2022-41702
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the InsertReg API. El producto afectado DIAEnergie (versiones anteriores a la v1.9.01.002) es vulnerable a Stored Cross-Site Scripting a través de la API InsertReg. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41651 – Delta Electronics DIAEnergie
https://notcve.org/view.php?id=CVE-2022-41651
The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API. El producto afectado DIAEnergie (versiones anteriores a la v1.9.01.002) es vulnerable a Stored Cross-Site Scripting a través de la API SetPF. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •