PT-2006-2670 · Md · Md-Pro
Name of the Vulnerable Software and Affected Versions: MD-Pro versions 1.0.72 through 1.0.73, and possibly other versions prior to 1.076 Description: The issue allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a "display" action. This is due to improper handli...