cpe:/a:ovidentia:ovidentia:6.6.5 CVE-2008-3918 2008-09-04T14:41:00.000-04:00 2017-08-07T21:32:16.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-09-05T06:44:00.000-04:00 ALLOWS_OTHER_ACCESS SECUNIA 31425 XF ovidentia-field-sql-injection(45940) SQL injection vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to execute arbitrary SQL commands via the field parameter in a search action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.