Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dleviet datalife engine vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-7387
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and previous versions allows remote malicious users to hijack web sessions via the PHPSESSID cookie.
Dleviet Datalife Engine
2 EDB exploits
3.5
CVSSv2
CVE-2018-14777
An issue exists in DataLife Engine (DLE) up to and including 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.
Dleviet Datalife Engine
7.5
CVSSv2
CVE-2013-1412
DataLife Engine (DLE) 9.7 allows remote malicious users to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.
Dleviet Datalife Engine 9.7
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started