PT-2007-6305 · Maxdev · Maxdev Md-Pro

Name of the Vulnerable Software and Affected Versions: MAXdev MDPro MD-Pro version 1.0.76 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by including a specific substring in the Referer HTTP header. The Firefox ID= substring is used to inject SQ...

mdpro1076-sql.txt

!/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage; if$url = m/^?:http://./ $url = $1;...

MD-Pro 1.0.76 - SQL Injection

MD-Pro 1.0.76 - SQL Injection !/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage; if$url...

Design/Logic Flaw

user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' quote character, and possibly other invalid values, in the uname parameter in a userinfo operation...