Dleviet - Datalife Engine CVE

Filtered by vendor Dleviet Subscribe

Filtered by product Datalife Engine

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-7387	1 Dleviet	1 Datalife Engine	2014-06-03	6.8 MEDIUM	N/A
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.
CVE-2013-1412	1 Dleviet	1 Datalife Engine	2014-06-03	7.5 HIGH	N/A
DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.

Vulnerabilities (CVE)