CVE-2007-0624
The CVE-2007-0624 issue affects MAXdev MDPro 1.0.76 (user.php) where the uname parameter in a userinfo operation can be crafted to reveal the server’s full filesystem path by injecting a quote character and possibly other invalid values. The vulnerability could enable information disclosure (part...