Celsoft

**Name of the Vulnerable Software and Affected Versions** DataLife Engine (DLE) versions 9.7 and earlier **Description** A session fixation issue allows remote attackers to hijack web sessions via the PHPSESSID cookie. **Recommendations** For DataLife Engine (DLE) versions 9.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.