Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-0623. PoCs published by adexior.
AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in MDPro version 1.0.76, where the 'startrow' parameter in the 'News' module is not properly sanitized. The example URL demonstrates how an attacker could inject malicious SQL queries.
Description
SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via the startrow parameter.
Exploits (1)
The provided text describes an SQL injection vulnerability in MDPro version 1.0.76, where the 'startrow' parameter in the 'News' module is not properly sanitized. The example URL demonstrates how an attacker could inject malicious SQL queries.