| 3647 | WordPress < 2.0.3 Arbitrary Code Injection | high |
| 3641 | BASE < 1.2.5 BASE_path Parameter Remote File Inclusion | medium |
| 3639 | SquirrelMail < 1.4.8 Local File Inclusion | medium |
| 3635 | Geeklog < 1.4.0sr3 Multiple Injection Vulnerabilities | high |
| 3633 | Nucleus CMS < 3.23 PLUGINADMIN.php DIR_LIBS Parameter Remote File Inclusion | medium |
| 3631 | Woltlab Burning Board < 2.3.5 links.php cat Parameter SQL Injection | high |
| 3629 | XOOPS < 2.0.9.4 include/common.php nocommon Parameter Local File Inclusion | medium |
| 3626 | FCKeditor with PHPNuke < 2.3 Beta upload.php Arbitrary File Upload | medium |
| 3622 | PHP-Fusion < 6.00.308 SQL Injection | high |
| 3561 | MyBB <= 1.1.1 showthread.php comma Parameter SQL Injection | medium |
| 3560 | PHP-Fusion < 6.00.307 Local File Inclusion | medium |
| 3492 | OneOrZero Helpdesk < 1.6.5.3 index.php id Parameter SQL Injection | high |
| 3490 | Horde < 3.1.1 Help Viewer Code Execution | high |
| 3489 | GreyMatter gm-upload.cgi Arbitrary File Upload | medium |
| 3488 | phpPGAds/phpAdNew < 2.0.8 Multiple Injection Vulnerabilities | low |
| 3479 | PHP iCalendar Local File Inclusion | high |
| 3477 | Horde < 3.1 go.php url Parameter File Disclosure | medium |
| 3476 | Simple PHP Blog < 0.4.7.2 install05.php Local File Inclusion | high |
| 3472 | Gallery < 2.0.4 Watermark Function stepOrder Parameter Local File Inclusion | medium |
| 3465 | Owl Intranet Engine xrms_file_root Parameter Remote File Inclusion | high |
| 3464 | Geeklog lib-sessions.php Session Cookie Handling Administrative Bypass | critical |
| 3462 | Invision Power Board showtopic.php st Parameter SQL Injection | high |
| 3457 | Gallery < 2.0.3 GalleryUtilities.class X_FORWARDED_FOR HTTP Header XSS | medium |
| 3454 | vBulletin < 3.5.4 HTML Injection | low |
| 3452 | Woltlab Burning Board < 2.7.1 Multiple Script SQL Injection (deprecated) | medium |
| 3446 | Brooky CubeCart < 3.0.7 connector.php Arbitrary File Upload | medium |
| 3441 | SquirrelMail < 1.4.7 Multiple Vulnerabilities | medium |
| 3439 | Bugzilla Whinedays SQL Injection | high |
| 3436 | Coppermine Gallery < 1.4.4 Script Injection | medium |
| 3435 | WordPress < 2.0.1 Arbitrary Script Injection | low |
| 3433 | dotProject < 2.0.2 Multiple Script Remote File Inclusion | high |
| 3427 | WebGUI < 6.8.6 'Anonymous' Account Creation | medium |
| 3426 | LinPHA <= 1.1 Multiple Vulnerabilities | medium |
| 3423 | RunCMS < 1.3a3 Arbitrary File Upload | high |
| 3417 | MyBulletinBoard < 1.04 SQL Injection | high |
| 3397 | Invision Power Board Dragoran Forum < 1.4 index.php site Parameter SQL Injection | high |
| 3391 | PmWiki <=2.1 Beta20 Multiple Vulnerabilities | low |
| 3379 | ELOG < 2.6.2 Multiple Vulnerabilities | high |
| 3341 | IBM AIX WebSM getCommand.new Local Traversal Vulnerability | medium |
| 3340 | IBM AIX WebSM Detection | medium |
| 3339 | Web Wiz Multiple Products check_user.asp txtUserName Parameter SQL Injection | high |
| 3338 | MyBulletinBoard < 1.01 function_upload.php SQL Injection | high |
| 3337 | Cerberus Help Desk < 2.7.0 Multiple Vulnerabilities | high |
| 3336 | MIMESweeper Detection | info |
| 3335 | Mantis < 0.19.5 Multiple Unspecified Vulnerabilities | high |
| 3333 | PhpGedView PGV_BASE_DIRECTORY Parameter Remote File Inclusion | high |
| 3328 | PHP Support Tickets < 2.1 index.php Multiple Field SQL Injection | high |
| 3327 | Blackboard Academic Suite < 7.0 Multiple Vulnerabilities | medium |
| 3324 | Lyris List Manager <= 8.8a Multiple Vulnerabilities | high |
| 3323 | Contenido < 4.6.4 class.inuse.php Multiple Parameter Remote File Inclusion | high |
