MidnightBSD

Advisories for devana

CVE-2010-2673 HIGH

SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
devana devana 1.4.3
devana devana *
devana devana 1.3.3
devana devana 1.2.4
devana devana 1.1.1
devana devana 1.5.3
devana devana 1.0