MDPro 1.0.76 - Multiple Remote Vulnerabilities

[adexior]

_____SQL Injection:

index.php?module=News&startrow='[sql injection]


_____Show path to script:

user.php?op=userinfo&uname='