Devome ≫ Grr

Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent.

An issue was discovered in DEVOME GRR before 3.4.1c. admin_edit_room.php mishandles file uploads.

An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.php mishandles a SQL query.