Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dleviet datalife engine vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-14777
An issue exists in DataLife Engine (DLE) up to and including 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.
Dleviet Datalife Engine
NA
CVE-2013-7387
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and previous versions allows remote malicious users to hijack web sessions via the PHPSESSID cookie.
Dleviet Datalife Engine
2 EDB exploits
NA
CVE-2013-1412
DataLife Engine (DLE) 9.7 allows remote malicious users to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.
Dleviet Datalife Engine 9.7
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started