3 matches found
CVE-2018-14777
An issue was discovered in DataLife Engine DLE through 13.0. An attacker can use XSS related to the /addnews.html and /index.php?do=addnews URIs to send a malicious script to unsuspecting Admins or users...
CVE-2018-14777
An issue was discovered in DataLife Engine DLE through 13.0. An attacker can use XSS related to the /addnews.html and /index.php?do=addnews URIs to send a malicious script to unsuspecting Admins or users...
CVE-2018-14777
DataLife Engine (DLE) before or at version 13.0 contains a cross-site scripting (XSS) vulnerability that affects the /addnews.html and /index.php?do=addnews endpoints. An attacker can inject malicious scripts that are rendered inAdmin or user browsers, enabling access to cookies, session tokens, ...