VYPR
Unrated severityNVD Advisory· Published Apr 11, 2006· Updated Jun 16, 2026

CVE-2006-1677

CVE-2006-1677

Description

MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via a direct request to includes/legacy.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Maxdev/Mdpro4 versions
    cpe:2.3:a:maxdev:md-pro:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:maxdev:md-pro:*:*:*:*:*:*:*:*range: <=1.0.75
    • cpe:2.3:a:maxdev:md-pro:1.0.72:*:*:*:*:*:*:*
    • cpe:2.3:a:maxdev:md-pro:1.0.73:*:*:*:*:*:*:*
    • (no CPE)range: >=1.0.72 <=1.0.76

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.