I'm disgusted, very disgusted, to see that, we have received some blackmails to ask us money to know a vulnerability with SQL Injection afflict MDPro otherwise, if we don't pay, they will share this bug with some groups hackers, then today we have found some MD sites defaced, MAXdev.com, MAXdevitalia.com, site of our no profit association gpldev.org ..... yes I'm very disgusted because we work for free, we work for open source community and these people ask us money to let us know about bug, how you want call this persons ?? hackers ?? men ?? or what ?

We are under police investigation, we already know some identities and we will provide with all steps needed to punish these people, we will keep you informed  about that.

You can read about this bug here [1] 

We invite all admins to update all MDPro web sites ASAP, you can get temporary fix in our Areafiles area, or you can click here [2],  you just need to overwrite file included, we don't guarantee but it should work with MDPro 1.076

TiMax
Project Manager