| 20379 | phpBB < 2.0.19 Multiple XSS | medium |
| 20378 | PHP Support Tickets index.php Multiple Parameter SQL Injection | high |
| 20376 | PHPSurveyor Multiple SQL Injections | high |
| 20375 | Web Wiz check_user.asp txtUserName Parameter SQL Injection | high |
| 20374 | phpDocumentor <= 1.3.0 RC4 Local And Remote File Inclusion | high |
| 20373 | MyBB < 1.01 function_upload.php SQLi | high |
| 20372 | Xaraya index.php module Parameter Traversal Arbitrary File/Directory Manipulation | medium |
| 20349 | eFiction < 2.0.2 Multiple Remote Vulnerabilities (SQLi, XSS, Disc) | high |
| 20348 | Cerberus Helpdesk GUI Agent < 2.7.1 Multiple Remote Vulnerabilities (SQLi, XSS) | high |
| 20347 | Cerberus Support Center Multiple Remote Vulnerabilities (SQLi, XSS) | high |
| 20346 | VisNetic / Merak Mail Server Multiple Remote Vulnerabilities | high |
| 20343 | Webmin 'miniserv.pl' 'username' Parameter Format String | high |
| 20342 | MyBB calendar.php 'month' Parameter SQLi | critical |
| 20339 | PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Inclusion | high |
| 20338 | Plogger plog-admin-functions.php config Parameter Remote File Inclusion | high |
| 20337 | FTGate <= 4.4.002 Multiple Remote Vulnerabilities (OF, FS, XSS) | high |
| 20321 | ELOG Remote Buffer Overflow Vulnerabilities | high |
| 20317 | vTiger < 4.5a2 Multiple Vulnerabilities | high |
| 20303 | SimpleBBS topics.php name Parameter Arbitrary Command Execution | high |
| 20300 | phpCOIN < 1.2.2 2005-12-13 Fix-File Multiple Vulnerabilities | high |
| 20296 | The Includer includer.cgi Arbitrary Command Execution | high |
| 20295 | ListManager Error Message Information Disclosure | medium |
| 20294 | ListManager < 8.9b Multiple Vulnerabilities | high |
| 20293 | FlatNuke index.php id Parameter Traversal Arbitrary File Access | medium |
| 20292 | Contenido contenido/classes/class.inuse.php Multiple Parameter Remote File Inclusion | high |
| 20286 | SugarCRM <= 4.0 beta acceptDecline.php Remote File Inclusion | high |
| 20255 | MediaWiki Language Option eval() Function Arbitrary PHP Code Execution | high |
| 20254 | Zen Cart password_forgotten.php admin_email Parameter SQL Injection | medium |
| 20253 | DUware Multiple Products type.asp iType Parameter SQL Injection | high |
| 20252 | Trac Ticket Query Module group Parameter SQL Injection | high |
| 20251 | PHPX admin/index.php username Parameter SQL Injection | high |
| 20250 | WebCalendar < 1.0.2 Multiple Vulnerabilities | high |
| 20248 | GuppY <= 4.5.9 Multiple Remote Vulnerabilities (Traversal, Code Exec) | high |
| 20246 | PHP Doc System index.php show Parameter Local File Inclusion | medium |
| 20241 | Google Search Appliance proxystylesheet Parameter Multiple Remote Vulnerabilities (XSS, Code Exec, ID) | high |
| 20227 | Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities | medium |
| 20223 | Help Center Live module.php file Parameter Local File Inclusion | high |
| 20222 | Mambo Open Source / Joomla! GLOBALS Variable Remote File Include | high |
| 20216 | phpwcms 1.2.5 Multiple Vulnerabilities | medium |
| 20215 | phpSysInfo < 2.4.1 Multiple Vulnerabilities | medium |
| 20214 | CodeGrrl Applications Remote File Inclusion Vulnerabilities | medium |
| 20213 | XOOPS xoopsConfig[language] Parameter Local File Inclusion (XOOPS_WFd205_xpl) | medium |
| 20211 | Exponent CMS < 0.96.4 Multiple Remote Vulnerabilities (XSS, SQLi, Code Exe, Disc) | critical |
| 20210 | Moodle < 1.5.3 Multiple SQL Injection Vulnerabilities | high |
| 20185 | TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities | medium |
| 20180 | phpAdsNew XML-RPC Library Remote Code Injection | high |
| 20176 | MailWatch authenticate() Function SQL Injection | medium |
| 20171 | Horde Admin Account Default Password | critical |
| 20170 | phpWebThings Multiple Scripts SQL Injection | high |
| 20169 | PHPFM Arbitrary File Upload | high |
