Unfixed XSS vulnerability at library.umd.umich.edu

Security researcher p0pc0rn, has submitted on 08/12/2010 a cross-site-scripting XSS vulnerability affecting library.umd.umich.edu, which at the time of submission ranked 3022 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. It is...

CVE-2006-4756

SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to execute arbitrary SQL commands via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2006-4755

The CVE-2006-4755 entry describes a Cross-site Scripting (XSS) vulnerability in phpMyDirectory 10.4.6 and earlier, exploitable via the letter parameter in alpha.php. The issue allows remote attackers to inject arbitrary web script or HTML. Documents indicate no explicit remediation steps or patch...

CVE-2006-4756

SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to execute arbitrary SQL commands via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2006-4755

Cross-site scripting XSS vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...