Datalifecms

datalifecms

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Datalife Engine

datalife_engine

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-2005 1Datalifecms 1Datalife Engine Apr 29, 2026 May 20, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/include/init.php, (2) th...Show more Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/include/init.php, (2) the config[langs] parameter to engine/inc/help.php, (3) the config[lang] parameter to engine/ajax/pm.php, (4) and the _REQUEST[skin] parameter to engine/ajax/addcomments.php.Show less
CVE-2008-6406 1Datalifecms 1Datalife Engine Apr 23, 2026 Mar 6, 2009 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2010-2005

1Datalifecms

1Datalife Engine

Apr 29, 2026

May 20, 2010

N/A· v4

N/A· v3

7.5 HIGH· v2

Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/include/init.php, (2) the config[langs] parameter to engine/inc/help.php, (3) the config[lang] parameter to engine/ajax/pm.php, (4) and the _REQUEST[skin] parameter to engine/ajax/addcomments.php.Show less

CVE-2008-6406

1Datalifecms

1Datalife Engine

Apr 23, 2026

Mar 6, 2009

N/A· v4

N/A· v3

4.3 MEDIUM· v2

Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.