Vulnerabilities > CVE-2007-0624 - Unspecified vulnerability in Maxdev Mdpro 1.0.76
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other invalid values, in the uname parameter in a userinfo operation.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://osvdb.org/33613
- http://osvdb.org/33613
- http://securityreason.com/securityalert/2198
- http://securityreason.com/securityalert/2198
- http://www.securityfocus.com/archive/1/458438/100/0/threaded
- http://www.securityfocus.com/archive/1/458438/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31898
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31898