cbcvebase.

Delta Electronics Diaenergie vulnerabilities

69 known vulnerabilities affecting delta_electronics/diaenergie.

Total CVEs
69
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL30HIGH26MEDIUM13

Vulnerabilities

Page 4 of 4
CVE-2022-41651P4MEDIUMCVSS 5.4≥ All, < v1.9.01.0022022-10-27
CVE-2022-41651 [MEDIUM] CWE-79 CVE-2022-41651: The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API.
nvd
CVE-2022-41555P4MEDIUMCVSS 5.4≥ All, < v1.9.01.0022022-10-27
CVE-2022-41555 [MEDIUM] CWE-79 CVE-2022-41555: The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the PutLineMessageSetting API.
nvd
CVE-2021-44471P4MEDIUMCVSS 6.1≥ All, ≤ 1.7.52021-12-22
CVE-2021-44471 [MEDIUM] CWE-79 CVE-2021-44471: DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthentica DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site scripting when an unauthenticated user injects arbitrary code into the parameter “name” of the script “DIAE_HandlerAlarmGroup.ashx”.
nvd
CVE-2024-28045P4MEDIUMCVSS 5.4fixed in v1.10.00.0052024-03-21
CVE-2024-28045 [MEDIUM] CWE-79 CVE-2024-28045: Improper neutralization of input within the affected product could lead to cross-site scripting. Improper neutralization of input within the affected product could lead to cross-site scripting.
nvd
CVE-2021-23228P4MEDIUMCVSS 6.1≥ All, ≤ 1.7.52021-12-22
CVE-2021-23228 [MEDIUM] CWE-79 CVE-2021-23228: DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross-site scripting attack through error pages that are returned by “.NET Request.QueryString”.
nvd
CVE-2025-57700HIGHCVSS 7.0≤ 1.11.00.0022025-08-18
CVE-2025-57700 [HIGH] CWE-79 Stored Cross-site Scripting in DIAEnergie Stored Cross-site Scripting in DIAEnergie DIAEnergie - Stored Cross-site Scripting
cvelistv5
CVE-2025-57703MEDIUMCVSS 5.9≤ 1.11.00.0022025-08-18
CVE-2025-57703 [MEDIUM] CWE-79 Reflected Cross-site Scripting in DIAEnergie Reflected Cross-site Scripting in DIAEnergie DIAEnergie - Reflected Cross-site Scripting
cvelistv5
CVE-2025-57702MEDIUMCVSS 5.9≤ 1.11.00.0022025-08-18
CVE-2025-57702 [MEDIUM] CWE-79 Reflected Cross-site Scripting in DIAEnergie Reflected Cross-site Scripting in DIAEnergie DIAEnergie - Reflected Cross-site Scripting
cvelistv5
CVE-2025-57701MEDIUMCVSS 5.9≤ 1.11.00.0022025-08-18
CVE-2025-57701 [MEDIUM] CWE-79 Reflected Cross-site Scripting in DIAEnergie Reflected Cross-site Scripting in DIAEnergie DIAEnergie - Reflected Cross-site Scripting
cvelistv5
Delta Electronics Diaenergie vulnerabilities | cvebase