QwikSec

Security Database

CVE

CWE

Training

CVE-2005-2887

Published: Sep 14, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

http://rgod.altervista.org/maxdev1073.html

x_refsource_MISC

20050906 MAXdev MD-Pro 1.0.73 (possibly prior versions) remote code execution / cross site scripting / path disclosure

mailing-list

x_refsource_BUGTRAQ

mdpro-multiple-path-disclosure(22201)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.