Application: phpMyDirectory
Affected Version: version 1.3.3 and other versions.
Vendor’s URL: phpMyDirectory
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Filter malicious characters and character sequences using a proxy.

General Purpose Directories, SQL Injection

Application: phpDirectorySource
Affected Version: version 1.1.06 and other versions.
Vendor’s URL: phpDirectorySource
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

General Purpose Directories, SQL Injection

Application: Indexu
Version: 5.x or below
Vendor’s URL: http://www.nicecoder.com/
Bug type: Cross Site Scripting
Risk: High

Solution:
- Edit the source code to ensure that input is properly sanitised
- Application upgrade to latest version
- Vendor patch

Cross Site Scripting, General Purpose Directories