HomePentest-Tools.com Logo

DataLife Engine catlist Parameter PHP Code Injection Vulnerability CVE-2013-1412

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

DataLife Engine is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system. Other attacks are also possible. DataLife Engine 9.7 is vulnerable. Other versions may also be affected.

Risk description
Not available
Recommendation

Vendor updates are available. Please see the references for details.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 2, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available