Maxdev : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.31%
Published
2006-10-27
Updated
2011-03-08
Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attackers to inject arbitrary web script or HTML via (1) vectors that bypass the XSS protection mechanisms of the pnVarCleanFromInput function, and (2) unspecified vectors related to the AntiCracker.
Max CVSS
6.8
EPSS Score
8.14%
Published
2006-09-23
Updated
2011-03-08
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php.
Max CVSS
4.3
EPSS Score
0.11%
Published
2005-09-07
Updated
2008-09-05
3 vulnerabilities found