Every CVE whose affected-product data names Maxdev Md-pro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2005-2840 — CVSS 10.0 (critical): Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in one or more of…
CVE-2005-2885 — CVSS 7.5 (high): The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file…
CVE-2006-4964 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attackers to inject arbitrary web script or…
CVE-2006-1677 — CVSS 6.4 (medium): MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via…
CVE-2006-1676 — CVSS 6.4 (medium): SQL injection vulnerability in the display function in the Topics module for MAXdev MDPro (MD-Pro) 1.0.73 and 1.0.72, and possibly other…
CVE-2006-5565 — CVSS 5.0 (medium): CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the…
CVE-2005-2887 — CVSS 5.0 (medium): MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1)…
CVE-2006-5564 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML…
CVE-2005-2839 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML…