VYPR

DLE

by DataLife Engine

CVEs (2)

  • CVE-2018-14777MedAug 1, 2018
    risk 0.35cvss 5.4epss 0.01

    An issue was discovered in DataLife Engine (DLE) through 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.

  • CVE-2008-6406Mar 6, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.