Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
datalife engine vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2007-1424
Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote malicious users to execute arbitrary PHP code via a URL in the root_dir parameter to (1) init.php and (2) Ajax/editnews.php. NOTE: some of these details are obtained from third...
Softnews Media Group Datalife Engine 4.1
Softnews Media Group Datalife Engine 5.5
2 EDB exploits
690
VMScore
CVE-2013-7387
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and previous versions allows remote malicious users to hijack web sessions via the PHPSESSID cookie.
Dleviet Datalife Engine
2 EDB exploits
312
VMScore
CVE-2018-14777
An issue exists in DataLife Engine (DLE) up to and including 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.
Dleviet Datalife Engine
435
VMScore
CVE-2008-6406
Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote malicious users to inject arbitrary web script or HTML via the query string.
Datalifecms Datalife Engine 7.2
1 EDB exploit
770
VMScore
CVE-2010-2005
Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/include/init.php, (2) the config[langs] parameter to engine/inc/help.php, (3) ...
Datalifecms Datalife Engine 8.3
4 EDB exploits
760
VMScore
CVE-2013-1412
DataLife Engine (DLE) 9.7 allows remote malicious users to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.
Dleviet Datalife Engine 9.7
2 EDB exploits
760
VMScore
CVE-2006-3221
SQL injection vulnerability in index.php in DataLife Engine 4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via double-encoded values in the user parameter in a userinfo subaction.
Softnews Media Group Datalife Engine
2 EDB exploits
605
VMScore
CVE-2008-6480
Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote malicious users to hijack the authentication of arbitrary users for requests that use a modified image parameter.
Softnews Media Group Datalife Engine 6.7
755
VMScore
CVE-2009-3055
PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine (DLE) 8.2 allows remote malicious users to execute arbitrary PHP code via a URL in the dle_config_api parameter.
Dlecms Dle 8.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started