The following is a summary of new script vulnerabilities that are classified as severe and may affect server owners. More details are available at US-CERT

• Falcon Series One CMS v1.4.3 – Multiple cross site scriptiing vulnerabilities.
• FreeWebShop v2.2.1 – Multiple SQL injection vulnerabilities.
• MKPortal v1.1 RC1 – SQL injection vulnerability.
• my123tkShop v0.9.1 e-Commerce-Suite – SQL injection vulnerability.
• PHP Real Estate Classifieds – SQL injection vulnerability.
  
• phpMyRealty v1.0.9 – Multiple SQL injection vulnerabilities.
• phpRPG 0.8 – Multiple SQL injection vulnerabilities.
• xeCMS v1.0 – Directory traversal vulnerability.

Popularity: 15% [?]