| 2897 | BoastMachine < 3.1 users.inc.php Arbitrary File Upload | medium |
| 2886 | PHP Advanced Transfer Manager < 1.22 Arbitrary File Upload | medium |
| 2885 | WebStar Mail < 5.4.1 Tomcat Plugin Remote Overflow | high |
| 2879 | Invision Board Multiple XSS and SQL Injection | low |
| 2875 | Open Webmail < 2.51 20050430 Shell Escape Arbitrary Command Execution | high |
| 2874 | MaxWebPortal < 1.3.5 Multiple SQL Injection | high |
| 2871 | JGS-Portal < 3.0.2 jgs_portal.php id Parameter SQL Injection | high |
| 2867 | PHPCoin < 1.2.2 2005-12-13 Multiple Script SQL Injection (deprecated) | high |
| 2865 | Claroline Multiple Remote Vulnerabilities | high |
| 2864 | PHP-Calendar < 0.10.3 includes/search.php SQL Injection | high |
| 2859 | Yappa-NG < 2.3.2 Multiple vulnerabilities | low |
| 2858 | Horde Kronolith Multiple XSS (deprecated) | medium |
| 2857 | Horde Turba < 1.2.5 Parent Frame Page Title XSS | low |
| 2856 | Horde Imp < 3.2.8 Parent Frame Page Title XSS | medium |
| 2855 | Horde Forwards < 2.2.2 Parent Frame Page Title XSS | low |
| 2854 | Horde Accounts < 2.1.2 Parent Frame Page Title XSS | low |
| 2853 | Horde Chora < 1.2.3 Parent Frame Page Title XSS | low |
| 2852 | Horde Nag < 1.1.3 Parent Frame Page Title XSS | low |
| 2851 | Horde MNemo < 1.1.4 Parent Frame Page Title XSS | low |
| 2850 | Horde Vacation < 2.2.2 Parent Frame Page Title XSS | low |
| 2849 | phpBB < 2.0.15 admin_forums.php XSS | low |
| 2848 | Woltlab Burning Board XSS / SQL Injection Vulnerabilities | medium |
| 2846 | Coppermine Gallery SQL Injection | high |
| 2843 | Info2WWW < 1.2.2.9-23 Argument XSS | medium |
| 2839 | Coppermine Gallery < 1.3.3 init.inc.php HTML Injection | low |
| 2837 | mvnForum < 1.0 RC4_03 Search Parameter XSS | low |
| 2828 | IlohaMail < 0.8.14-RC3 read_message.php Multiple Field HTML Injection | low |
| 2827 | SPHPBlog search.php q Parameter XSS | low |
| 2826 | Serendipity < 0.72 exit.php Multiple Parameter SQL Injection | high |
| 2821 | PHP Photo Album < 2.0.14 Multiple Vulnerabilities | high |
| 2820 | PHPBB2 < 2.0.14 Multiple Vulnerabilities | medium |
| 2819 | EGroupWare < 1.0.0.007 Attachment Information Disclosure | high |
| 2816 | XAMPP < 1.4.14 Default Installation Multiple HTML Injection (deprecated) | high |
| 2812 | ModernBill < 4.3.3 Multiple Vulnerabilities | medium |
| 2809 | Citrix MetaFrame Server Detection | medium |
| 2808 | PostNuke < 0.760 RC4 Multiple XSS and SQL Injection Vulnerabilities | high |
| 2807 | punBB < 1.2.5 profile.php SQL Injection | medium |
| 2801 | Brooky CubeCart < 2.0.7 Multiple Script SQL Injection | high |
| 2799 | Active Auction House Multiple Vulnerabilities | high |
| 2798 | RunCMS fileupload.php Arbitrary File Upload | medium |
| 2797 | Comersus Cart Detection | info |
| 2796 | Comersus Cart Username Field HTML Injection | low |
| 2787 | phpMyAdmin < 2.6.2-RC1 RCE | medium |
| 2783 | MaxWebPortal < 1.36 XSS and SQL Injection Vulnerabilities | high |
| 2780 | MailReader < 2.3.36 network.cgi MIME Message XSS | low |
| 2779 | Horde < 3.0.4 Parent Page Title XSS | low |
| 2778 | PhotoPost < 5.02 RC3 Multiple Content-parsing Vulnerabilities | high |
| 2776 | Ublog < 1.0.5 login.asp msg Parameter XSS | low |
| 2774 | phpMyDirectory < 10.1.6 review.php Multiple Parameter XSS | low |
| 2748 | phpSysInfo < 2.5 Multiple Script XSS | low |
