Vulnerabilities > CVE-2013-7387 - Unspecified vulnerability in Dleviet Datalife Engine 9.7
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN dleviet
exploit available
Summary
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description DataLife Engine preview.php PHP Code Injection. CVE-2013-1412,CVE-2013-7387. Remote exploit for php platform file exploits/php/remote/24444.rb id EDB-ID:24444 last seen 2016-02-02 modified 2013-02-01 platform php port published 2013-02-01 reporter metasploit source https://www.exploit-db.com/download/24444/ title DataLife Engine preview.php PHP Code Injection type remote description DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability. CVE-2013-1412,CVE-2013-7387. Webapps exploit for php platform file exploits/php/webapps/24438.txt id EDB-ID:24438 last seen 2016-02-02 modified 2013-01-28 platform php port published 2013-01-28 reporter EgiX source https://www.exploit-db.com/download/24438/ title DataLife Engine 9.7 preview.php PHP Code Injection Vulnerability type webapps