Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Datalife Engine Security Vulnerabilities

cve
cve

CVE-2013-1412

DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.

7.5AI Score

0.97EPSS

2014-06-02 03:55 PM
114
cve
cve

CVE-2013-7387

Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.

6.9AI Score

0.008EPSS

2014-06-02 03:55 PM
32
cve
cve

CVE-2018-14777

An issue was discovered in DataLife Engine (DLE) through 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.

5.4CVSS

5.2AI Score

0.001EPSS

2018-08-01 07:29 PM
49