Every CVE whose affected-product data names Maxdev Mdpro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2007-0623 — CVSS 7.5 (high): SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via the startrow…
CVE-2007-3938 — CVSS 7.5 (high): SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute…
CVE-2007-5222 — CVSS 7.5 (high): SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to execute arbitrary SQL commands via a…
CVE-2009-2618 — CVSS 7.5 (high): SQL injection vulnerability in the Surveys (aka NS-Polls) module in MDPro (MD-Pro) 1.083.x allows remote attackers to execute arbitrary SQL…
CVE-2006-7112 — CVSS 6.0 (medium): Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary…
CVE-2007-0624 — CVSS 5.0 (medium): user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other invalid…