Whitepaper called Exploitation of "Self-Only" Cross Site Scripting in Google Code. The author discusses how leveraging the use of clickjacking has enabled them to properly exploit a priorly non-exploitable cross site scripting issue in Google Code.
ada88aee053f29daa1a0afaa6ce978d0ee02535a4be508f44df8b3c86a11fffb
phpMySport version 1.4 suffers from remote SQL injection and file manager access vulnerabilities.
314c52c145e657d7116caa3d887b2e0d73facb2eaaaed4aa3a886cda4e4a21b6
Nuggetz CMS version 1.0 suffers from a remote code execution vulnerability.
310b44cbfe418b0343922a14821545b165d5feb28615ca8605c5e3bdbfd392ed
MarieCMS version 0.9 suffers from local file inclusion, remote file inclusion, and cross site scripting vulnerabilities.
3e59302851a07630ec9f74b6be93f4111dac99def8de548a3179b40459219909
phpMyFAQ versions 2.5.4 and below suffer from cross site scripting vulnerabilities.
295a8c687d620a3ce6e91c5619c7fe37d66845b84f36c8dcaa9295aa53062b3e
PHD Help Desk version 1.43 suffers from cross site scripting vulnerabilities.
9e31d678e762edb548c87400979bdc81a4269333d3425fb379c8406bf176fc71
phpMyBackupPro version 2.1 suffers from an arbitrary file download vulnerability.
a1d12fd445417e31812006bbfbd2138773e1cac3a3125503023d695a029a3b50
Simplog version 0.9.3.2 suffers from cross site scripting and cross site request forgery vulnerabilities.
686e77bda149b90c5d645944c9bd2384b7cf6a98c67742ce60202344b0902e81
OpenDocMan version 1.2.5 suffers from cross site scripting and a remote SQL injection vulnerability that allows for authentication bypass.
e7e44fcb4e3f30d43bfa0d2b218cd77b02a088d09ba683e330163fd067dfad35
Simple Directory Listing version 2.1_beta1 suffers a cross site scripting vulnerability.
8d2ff015913796d7b4bab88f5c1731ca1a8663ba417a22927613b560dcb0e68d