Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.
References
Link | Resource |
---|---|
http://dle-news.ru/bags/v97/1549-patchi-bezopasnosti-dlya-versii-97.html | Patch Vendor Advisory |
http://en.securitylab.ru/lab/PT-2012-53 | Exploit |
http://secunia.com/advisories/51971 | |
http://dle-news.ru/bags/v97/1549-patchi-bezopasnosti-dlya-versii-97.html | Patch Vendor Advisory |
http://en.securitylab.ru/lab/PT-2012-53 | Exploit |
http://secunia.com/advisories/51971 |
Configurations
History
21 Nov 2024, 02:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://dle-news.ru/bags/v97/1549-patchi-bezopasnosti-dlya-versii-97.html - Patch, Vendor Advisory | |
References | () http://en.securitylab.ru/lab/PT-2012-53 - Exploit | |
References | () http://secunia.com/advisories/51971 - |
Information
Published : 2014-06-02 15:55
Updated : 2024-11-21 02:00
NVD link : CVE-2013-7387
Mitre link : CVE-2013-7387
CVE.ORG link : CVE-2013-7387
JSON object : View
Products Affected
dleviet
- datalife_engine
CWE