Information Disclosure Vulnerability in MAXdev MD-Pro 1.0.73 and Earlier Versions

Information Disclosure Vulnerability in MAXdev MD-Pro 1.0.73 and Earlier Versions

CVE-2005-2887 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message.

Learn more about our Web Application Penetration Testing UK.