Known Vulnerabilities for products from Maxdev
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Maxdev".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2009-4577 json | SQL injection vulnerability in the MDForum module 2.x through 2.07 for MAXdev MDPro allows remote attackers to execute arbitr... | 7.5 - HIGH | 2010-01-06 | 2017-08-17 |
| CVE-2009-2618 json | SQL injection vulnerability in the Surveys (aka NS-Polls) module in MDPro (MD-Pro) 1.083.x allows remote attackers to execute... | 7.5 - HIGH | 2009-07-27 | 2017-09-19 |
| CVE-2009-2307 json | SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers t... | 7.5 - HIGH | 2009-07-02 | 2017-09-19 |
| CVE-2009-0728 json | SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execu... | 7.5 - HIGH | 2009-02-24 | 2017-09-29 |
| CVE-2008-7038 json | SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands ... | 7.5 - HIGH | 2009-08-24 | 2018-10-11 |
| CVE-2007-5222 json | SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL com... | 7.5 - HIGH | 2007-10-05 | 2017-09-29 |
| CVE-2007-3938 json | SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers ... | 7.5 - HIGH | 2007-07-21 | 2017-09-29 |
| CVE-2007-0624 json | user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other... | 5 - MEDIUM | 2007-01-31 | 2018-10-16 |
| CVE-2007-0623 json | SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via... | 7.5 - HIGH | 2007-01-31 | 2018-10-16 |
| CVE-2006-7112 json | Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and inc... | 6 - MEDIUM | 2007-03-06 | 2017-10-11 |
| CVE-2006-6869 json | Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quote... | 9.3 - HIGH | 2006-12-31 | 2017-10-19 |
| CVE-2006-5565 json | CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequ... | 5 - MEDIUM | 2006-10-27 | 2011-03-08 |
| CVE-2006-5564 json | Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web ... | 4.3 - MEDIUM | 2006-10-27 | 2011-03-08 |
| CVE-2006-4964 json | Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attackers to inject arbitrary w... | 6.8 - MEDIUM | 2006-09-23 | 2011-03-08 |
| CVE-2006-1677 json | MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of ... | 6.4 - MEDIUM | 2006-04-11 | 2018-10-18 |
| CVE-2006-1676 json | SQL injection vulnerability in the display function in the Topics module for MAXdev MDPro (MD-Pro) 1.0.73 and 1.0.72, and pos... | 6.4 - MEDIUM | 2006-04-11 | 2018-10-18 |
| CVE-2005-2887 json | MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct req... | 5 - MEDIUM | 2005-09-14 | 2017-07-11 |
| CVE-2005-2886 json | Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote atta... | 4.3 - MEDIUM | 2005-09-14 | 2017-07-11 |
| CVE-2005-2885 json | The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerou... | 7.5 - HIGH | 2005-09-14 | 2017-07-11 |
| CVE-2005-2840 json | Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in o... | 10 - HIGH | 2005-09-07 | 2008-09-05 |