• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

MAXdev MD-Pro Cross-Site Scripting Vulnerability

Cross-site scripting vulnerabilities reportedly affect MD-Pro The vulnerabilities exist in the "wl-search.php" and "dl-search.php" scripts and are due to input validation errors. Successful exploitation may allow for attacks against other users of the application or others hosted on the same domain. Session hijacking, content spoofing and other attacks may be possible.