Known Vulnerabilities for products from Maxdev
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Maxdev".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2009-4577 json | SQL injection vulnerability in the MDForum module 2.x through 2.07 for MAXdev MDPro allows remote attackers to execute arbitr... | Not Provided | 2010-01-06 | 2026-04-23 |
| CVE-2009-2618 json | SQL injection vulnerability in the Surveys (aka NS-Polls) module in MDPro (MD-Pro) 1.083.x allows remote attackers to execute... | Not Provided | 2009-07-27 | 2026-04-23 |
| CVE-2009-2307 json | SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers t... | Not Provided | 2009-07-02 | 2026-04-23 |
| CVE-2009-0728 json | SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execu... | Not Provided | 2009-02-24 | 2026-04-23 |
| CVE-2008-7038 json | SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands ... | Not Provided | 2009-08-24 | 2026-04-23 |
| CVE-2007-5222 json | SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL com... | Not Provided | 2007-10-05 | 2026-04-23 |
| CVE-2007-3938 json | SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers ... | Not Provided | 2007-07-21 | 2026-04-23 |
| CVE-2007-0624 json | user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other... | Not Provided | 2007-01-31 | 2026-04-23 |
| CVE-2007-0623 json | SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via... | Not Provided | 2007-01-31 | 2026-04-23 |
| CVE-2006-7112 json | Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and inc... | Not Provided | 2007-03-06 | 2026-04-23 |
| CVE-2006-6869 json | Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quote... | Not Provided | 2006-12-31 | 2026-04-23 |
| CVE-2006-5565 json | CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequ... | Not Provided | 2006-10-27 | 2026-04-23 |
| CVE-2006-5564 json | Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web ... | Not Provided | 2006-10-27 | 2026-04-23 |
| CVE-2006-4964 json | Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attackers to inject arbitrary w... | 6.8 - MEDIUM | 2006-09-23 | 2011-03-08 |
| CVE-2006-1677 json | MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of ... | Not Provided | 2006-04-11 | 2025-04-03 |
| CVE-2006-1676 json | SQL injection vulnerability in the display function in the Topics module for MAXdev MDPro (MD-Pro) 1.0.73 and 1.0.72, and pos... | Not Provided | 2006-04-11 | 2025-04-03 |
| CVE-2005-2887 json | MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct req... | Not Provided | 2005-09-14 | 2025-04-03 |
| CVE-2005-2886 json | Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote atta... | Not Provided | 2005-09-14 | 2025-04-03 |
| CVE-2005-2885 json | The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerou... | Not Provided | 2005-09-14 | 2025-04-03 |
| CVE-2005-2840 json | Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in o... | Not Provided | 2005-09-07 | 2025-04-03 |