CVE-2006-1677
CVE-2006-1677 affects MAXdev MDPro versions prior to 1.076, including 1.0.72/1.0.73. Root cause is an insecure direct access path to includes/legacy.php that allows remote attackers to obtain the server’s full filesystem path. Impact is partial confidentiality exposure (full path disclosure) with...