Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2007-5222
Disclosure Date: October 05, 2007 (last updated October 04, 2023)
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header.
0
Attacker Value
Unknown
CVE-2007-0624
Disclosure Date: January 31, 2007 (last updated October 04, 2023)
user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other invalid values, in the uname parameter in a userinfo operation.
0
Attacker Value
Unknown
CVE-2007-0623
Disclosure Date: January 31, 2007 (last updated October 04, 2023)
SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via the startrow parameter.
0
