Remote file inclusion

PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine DLE 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dleconfigapi parameter...

CVE-2009-3055

PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine DLE 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dleconfigapi parameter...

CVE-2009-3055

CVE-2009-3055 affects DataLife Engine (DLE) 8.2 , with a vulnerability in engine/api/api.class.php that allows remote code execution via a URL in the dle_config_api parameter. Root cause: PHP remote file inclusion . Impact: partial impact on confidentiality , integrity , and availability as state...

DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability

No description provided by source. ====================================================== DatalifeEngine 8.2 Remote File Inclusion Vulnerability ! Found by : kurdish hackers team ! C0ntact : pshela at YaHoo .com ! Groups : Kurd-Team ! site : www.kurdteam.org...

DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ====================================================================== DataLife Engine 8.2 dleconfigapi Remote File Inclusion Vulnerability ======================================================================...

DataLife Engine 8.2 - dle_config_api Remote File Inclusion

DataLife Engine 8.2 - dleconfigapi Remote File Inclusion ====================================================== DatalifeEngine 8.2 Remote File Inclusion Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...

DataLife Engine 8.2 - dle_config_api Remote File Inclusion

====================================================== DatalifeEngine 8.2 Remote File Inclusion Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org ======================================================= +++++++++++++++++++ Scrip...

CVE-2008-6480

Cross-site request forgery CSRF vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use a modified image parameter...

CVE-2008-6480

CVE-2008-6480 describes a CSRF vulnerability in Datalife Engine 6.7, specifically in engine/modules/imagepreview.php, where an attacker can hijack the authentication of arbitrary users by sending requests with a modified image parameter. The vulnerability affects the imagepreview functionality an...

CVE-2008-6406

Cross-site scripting XSS vulnerability in admin.php in DataLife Engine DLE 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

Cross site scripting

Cross-site scripting XSS vulnerability in admin.php in DataLife Engine DLE 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

CVE-2008-6406

CVE-2008-6406 is an XSS vulnerability reported in DataLife Engine (DLE) 7.2, located in admin.php and exploitable via the query string. The affected component is the admin interface; the underlying issue is improper handling of user-supplied input in the query parameters, allowing an attacker to ...

CVE-2008-6406

Cross-site scripting XSS vulnerability in admin.php in DataLife Engine DLE 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

Xss In Datalife Engine CMS 7.2

Author : Hadi Kiamarsi ------------------------------------------- Discovered by : Hadi Kiamarsi ------------------------------------------- Exploited By : Hadi Kiamarsi ------------------------------------------- E-Mail : hadikiamarsiathotmail.com ------------------------------------------- CMS:...

datalife-xss.txt

Author : Hadi Kiamarsi ------------------------------------------- Discovered by : Hadi Kiamarsi ------------------------------------------- Exploited By : Hadi Kiamarsi ------------------------------------------- E-Mail : hadikiamarsiathotmail.com ------------------------------------------- CMS:...

Datalife Engine CMS 7.2 - 'admin.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31335/info Datalife Engine CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

Datalife Engine CMS 7.2 - admin.php Cross-Site Scripting

Datalife Engine CMS 7.2 - admin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/31335/info Datalife Engine CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...

Datalife Engine 6.7 XSRF

Datalife Engine 6.7 XSRF Vulnerability By IRCRASH Discovered by : IRCRASH R3d.w0rm IRCRASH Team Members : Dr.Crash - Malc0de - R3d.w0rm Script Download : http://datalifecms.ir/download/DatalifeEngine6.7.zip XSRF XSRF Address : http://site.com/datalife-path/engine/modules/imagepreview.php?image=XS...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CMS DataLife Engine - path information leakage...

Баг в модуле CMS DataLife Engine

Я нашел баг в модуле "ОНЛАЙН СТАТУСА" CMS DataLife Engine. Если зайти на сайт под зарегистрированным пользователем используя браузер Lynx движок сайта перестает нормально работать и выдает только одну строку "Fatal error: Using $this when not in object context in...