CVE-2013-7387

Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dleviet:datalife_engine:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:00

Type Values Removed Values Added
References () http://dle-news.ru/bags/v97/1549-patchi-bezopasnosti-dlya-versii-97.html - Patch, Vendor Advisory () http://dle-news.ru/bags/v97/1549-patchi-bezopasnosti-dlya-versii-97.html - Patch, Vendor Advisory
References () http://en.securitylab.ru/lab/PT-2012-53 - Exploit () http://en.securitylab.ru/lab/PT-2012-53 - Exploit
References () http://secunia.com/advisories/51971 - () http://secunia.com/advisories/51971 -

Information

Published : 2014-06-02 15:55

Updated : 2024-11-21 02:00


NVD link : CVE-2013-7387

Mitre link : CVE-2013-7387

CVE.ORG link : CVE-2013-7387


JSON object : View

Products Affected

dleviet

  • datalife_engine