Lucene search
HistoryJul 21, 2007 - 12:30 a.m.
CVE-2007-3938
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.01
Percentile
84.3%
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability than CVE-2006-1676.
Affected configurations
Node
maxdevmdproRange≤1.0.8x
Related
cvelist
cvelist
CVE-2007-3938
2007-07-21 00:00:00
CVE-2006-1676
2006-04-10 23:00:00
prion
prion
Sql injection
2007-07-21 00:30:00
Sql injection
2006-04-11 00:02:00
cve
cve
CVE-2007-3938
2007-07-21 00:30:00
CVE-2006-1676
2006-04-11 00:02:00
exploitdb
exploitdb
Md-Pro 1.0.8x - Topics topicid SQL Injection
2007-07-18 00:00:00
MAXDEV CMS 1.0.72/1.0.73 - 'PNuserapi.php' SQL Injection
2006-04-06 00:00:00
nessus
nessus
MDPro index.php topicid Parameter SQL Injection
2007-09-05 00:00:00
nvd
nvd
CVE-2006-1676
2006-04-11 00:02:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.01
Percentile
84.3%
Related for NVD:CVE-2007-3938