VYPR
Unrated severityNVD Advisory· Published Jul 21, 2007· Updated Jun 16, 2026

CVE-2007-3938

CVE-2007-3938

Description

SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability than CVE-2006-1676.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Maxdev/Mdpro2 versions
    cpe:2.3:a:maxdev:mdpro:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:maxdev:mdpro:*:*:*:*:*:*:*:*range: <=1.0.8x
    • (no CPE)range: <= 1.0.8x (before 20070720)

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.