Application: phpMyDirectory
Affected Version: version 1.3.3 and other versions.
Vendor’s URL: phpMyDirectory
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Filter malicious characters and character sequences using a proxy.
General Purpose Directories, SQL Injection
Application: phpDirectorySource
Affected Version: version 1.1.06 and other versions.
Vendor’s URL: phpDirectorySource
Bug Type: SQL Injection
Risk Level: Critical
Solution:
Edit the source code to ensure that input is properly sanitized.
General Purpose Directories, SQL Injection
Application: Indexu
Version: 5.x or below
Vendor’s URL: http://www.nicecoder.com/
Bug type: Cross Site Scripting
Risk: High
Solution:
- Edit the source code to ensure that input is properly sanitised
- Application upgrade to latest version
- Vendor patch
Cross Site Scripting, General Purpose Directories