Unrated severityNVD Advisory· Published Jul 8, 2010· Updated Apr 29, 2026
CVE-2010-2673
CVE-2010-2673
Description
SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected products
7cpe:2.3:a:devana:devana:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:devana:devana:*:*:*:*:*:*:*:*range: <=1.6.6
- cpe:2.3:a:devana:devana:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:devana:devana:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:devana:devana:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:devana:devana:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:devana:devana:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:devana:devana:1.5.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- osvdb.org/63278nvdExploit
- packetstormsecurity.org/1003-exploits/devana-sql.txtnvdExploit
- www.exploit-db.com/exploits/11922nvdExploit
- secunia.com/advisories/39121nvdVendor Advisory
News mentions
0No linked articles in our index yet.